On Thu, Feb 27, 2003 at 09:08:48AM -0700, scott wrote: ... > > I think you need an actual proxy server for what you want to do, and > > presumably one which does a lot of data checking against buffer > > overflows, etc. if you want it to protect the security of the Exchange > > server. > > -- Clifton > > Well, OK, so I need an "actual proxy server". Pardon my OT request > here, but (before I head off into the sunset with my little dilemma...) > I don't know of any such beast. Can anyone name some POP/IMAP proxy > servers?
IMAP, yes - Perdition seems to be pretty well respected. POP, not offhand. Sorry. You can readily use software that is not so much a proxy server as a generic tunnel server, like Peter da Silva's plugdaemon, for instance. That would just plug in and "plumb" a POP tunnel from the DMZ machine through to your internal machine. However, this would not seem to me to add any security; it will happily pass through buffer overflow exploits and whatever is coming in on the input stream. <http://www.taronga.com/plugdaemon/> If you can't find something that actually understands the POP protocol and does bounds-checking on commands and parameters you probably haven't added any security over just punching a hole. Though you might add a little flexibility in terms of being able to move around your internal network later without affecting what's visible. -- Clifton -- Clifton Royston -- LavaNet Systems Architect -- [EMAIL PROTECTED] "If you ride fast enough, the Specialist can't catch you." "What's the Specialist?" Samantha says. "The Specialist wears a hat," says the babysitter. "The hat makes noises." She doesn't say anything else. Kelly Link, _The Specialist's Hat_
