SmarterMail accolades aside and returning to my original question, I think
I'm going to test the following:
1. Removing IMail's external interface and only utilizing an internal
interface, thus removing IMail from any direct outside/external
connections/attacks.
2. Setting up an external FreeBSD box w/IPFW and a POP3 Proxy (I'm going to
try using Courier first).
3. Utilizing IPFW to rate limit by the source IP to something reasonable.
My thinking is that this would allow legitimate POP3 requests but
slow/frustrate brute force attacks. If this works, I would then add an open
source webmail solution like Zimbra or RoundCube that utilizes IMAP calls to
IMail via the internal network. I've already eliminated IMail's SMTP from
public exposure by utilizing my IMGates. Obviously the proxy would need the
external IP address that we use in DNS for our customers for POP3 calls.
Diagrammed, it would look something like this:
   |            |                |
------- External ------------------------
   |            |                |
 IMGate    POP3_Proxy    WebMail_via_IMAP
   |            |                |
------- Internal ------------------------
   |            |                |
   |            |                |
   ---------> IMail <-------------
Thoughts? Ideas?
-NB
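
Added example (not part of the original message, and a model of the idea rather than IPFW's own mechanism): a per-source token bucket applied to constructed POP3 connection timestamps, to show what step 3 does to a polling client versus a password guesser. The limit (one new connection per 30 seconds, burst of 4), the addresses and the traffic are assumptions; the third source is the shared-NAT case, where many legitimate clients arrive from one source IP.

```python
from collections import defaultdict

class PerSourceLimiter:
    """Token bucket per source IP, kept in integer milliseconds of credit."""
    def __init__(self, interval_ms, burst):
        self.cost = interval_ms          # credit one new connection consumes
        self.cap = interval_ms * burst   # most credit a source can bank
        self.state = {}                  # ip -> (credit, last_seen_ms)

    def allow(self, ip, now_ms):
        credit, last = self.state.get(ip, (self.cap, now_ms))
        credit = min(self.cap, credit + (now_ms - last))  # 1 ms idle = 1 credit
        ok = credit >= self.cost
        self.state[ip] = (credit - self.cost if ok else credit, now_ms)
        return ok

def simulate(events, interval_ms=30_000, burst=4):
    """events: iterable of (timestamp_ms, source_ip) -> {ip: [accepted, dropped]}."""
    limiter = PerSourceLimiter(interval_ms, burst)
    result = defaultdict(lambda: [0, 0])
    for now_ms, ip in sorted(events):
        result[ip][0 if limiter.allow(ip, now_ms) else 1] += 1
    return dict(result)

def sample_events(duration_ms=3_600_000):
    """Constructed traffic for one hour; addresses are documentation ranges."""
    polls = range(0, duration_ms, 300_000)          # every 5 minutes
    events = [(t, "192.0.2.10") for t in polls]     # one mail client
    # Password guesser: 5 connection attempts per second.
    events += [(t, "203.0.113.66") for t in range(0, duration_ms, 200)]
    # 20 clients behind one NAT address, each polling every 5 minutes,
    # staggered 15 seconds apart.
    events += [(t + 15_000 * c, "198.51.100.1") for c in range(20) for t in polls]
    return events

if __name__ == "__main__":
    for ip, (accepted, dropped) in sorted(simulate(sample_events()).items()):
        print(f"{ip:15s} accepted={accepted:6d} dropped={dropped:6d}")
```

With these assumed numbers the single client is never throttled and the guesser is held to about two attempts per minute, but the NAT'd office loses nearly half of its legitimate polls, so the per-source limit has to be sized for the busiest shared address.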