Roman, Yep, I think this is probably off topic, as it seems to have more to do with general proxying and firewalling than it does courier specific issues... but I've been guilty of OT myself so I'll give you what I can think of off the top of my head ;)
Disclaimer: I haven't done what your trying, and its been a while since I did any fancy firewalling, and when I did I used ipchains, not the current iptables. I THINK what you want to do is set up your firewall to forward port 993 directly to port 993 on your mail server. This will probably cause you all sorts of certificate validation problems though. The other thing to consider doing is to set up your gateway as a mailserver also, but just use esmtp relay authentication (which Courier supports) and have it pass on mail to your "real" mailserver behind the wall. I think the discussion earlier about Backup MX's might be of use to you. Very Vague, but I hope helpful. You would probably want to enlist a security or firewall list for this question rather than courier, so lets take this off list if you have any further questions. David Roman Serbski wrote: > Hi list > > I'm sorry for probably OT question. > I use stand-alone Courier-IMAP 1.4.0 SSL with Qmail/Vpopmail - > everything works ok. Now we're going to redesign our network and > implement DMZ/private LAN scheme. I'm planning to have two mail servers: > one server goes to DMZ (real IP addresses) and acts as a mail > relay/forwarder + AVI/SPAM scanning, another server goes to private LAN > (192.168.0.0) and actually stores usernames and passwords. Mail relaying > is OK, I saw some hints in qmail FAQ how to forward mail to another mail > server. But the problem is that I have to have IMAP-SSL access from > outside (from Internet) - so I think about some kind of IMAP-SSL > proxying, when users from Internet try to access mail server in DMZ and > this server, in some way, forwards login information/mail to the server > in private LAN (it'll run Courier-IMAP SSL). > > Is it possible to make this with Courier-IMAP or this is wrong list to > ask? May be someone here has a similiar setup - please help me. > > Looking forward to hear from you. > > Regards, > Roman > _______________________________________________ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
