Kristian Davies wrote: > Just wondering what is considered best practice/thoughts of email setups. > > 1) SMTP gateway sits in the DMZ for the company and forwards mail > through a pinhole to the email server in the inside network and vice > versa. The gatway might deal with spam and av issues. > > 2) Machine on the inside does everything, external servers connect > directly. Internal machine does AV/SPAM, pop3 for internal users et > al... > > btw this is a 450 person company. > > I would have thought option two would be a 9 on the risk/load scale? > > Thoughts...? > > Cheers > Kristian >
Perhaps the way to go with older, less flexible MTA and the CPU speeds, and storage limitations of years past. But with Exim's capability set, and on any decent modern hardware, the single-server is NOT all that risky, is far easier to set up, control, and troubleshoot, and should be rather lightly loaded with 4,500 users, let alone 450. As soon as you introduce an extra relay, you start having to deal with whether both can (always) 'see' the same list of users, what happens in the way of adding/subtracting/altering/preserving header information, how/when/if you manage DSN/bounces, what you do about forwarding, vacation notices.... All done many times, plenty of examples here - but IMNSHO, more appropriate to an ISP with 45,000 users than a company with 450, where even the scanning/AV load should not pose a problem. JMCW, but it would seem to make more sense to put similar resources into good backup - perhaps even a 'cloned' hot-standby, and by all means RAID, even if it is 'software' IDE RAID. Exim doesn't need external help to filter very, very flexibly and still carry a load well. Bill -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
