[EMAIL PROTECTED]> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <[EMAIL PROTECTED]> User-Agent: Mutt/1.4i
Sendmail, Inc has one that comes with their IMAP server. It can do the initial auth (plain or via SSL), lookup the username in LDAP and direct it to the appropriate server. First pass wasn't so long to write: Listen on port, pass data in to server. Basic C (or even perl). TIS had a proprietary one with Gauntlet, it's basically plug-gw (TIS FWTK) with some mods. License is not acceptable for redistrib freely. google may show some things. Generally, I'm more of a fan of making exchange go away. It's brutally expensive (far higher than most managers believe and, for managers who brought it in, higher than they're willing to share). Qpopper isn't a proxy. It's not for exchange use. Quoting scott ([EMAIL PROTECTED]): > On Thu, 2003-02-27 at 11:20, Clifton Royston wrote: > > On Thu, Feb 27, 2003 at 09:08:48AM -0700, scott wrote: > > ... > > > > I think you need an actual proxy server for what you want to do, and > > > > presumably one which does a lot of data checking against buffer > > > > overflows, etc. if you want it to protect the security of the Exchange > > > > server. > > > > -- Clifton > > > > > > Well, OK, so I need an "actual proxy server". Pardon my OT request > > > here, but (before I head off into the sunset with my little dilemma...) > > > I don't know of any such beast. Can anyone name some POP/IMAP proxy > > > servers? > > > > IMAP, yes - Perdition seems to be pretty well respected. > > > > POP, not offhand. Sorry. > > > > You can readily use software that is not so much a proxy server as a > > generic tunnel server, like Peter da Silva's plugdaemon, for instance. > > That would just plug in and "plumb" a POP tunnel from the DMZ machine > > through to your internal machine. However, this would not seem to me > > to add any security; it will happily pass through buffer overflow > > exploits and whatever is coming in on the input stream. > > > > <http://www.taronga.com/plugdaemon/> > > > > If you can't find something that actually understands the POP > > protocol and does bounds-checking on commands and parameters you > > probably haven't added any security over just punching a hole. Though > > you might add a little flexibility in terms of being able to move > > around your internal network later without affecting what's visible. > > I THINK Perdition just pipes you through to your destination mail > server, though. Perhaps kind of like what you describe with > plugdaemon. No true proxying. But I want my clients to pick up their > mail from the proxy, and be UNABLE to directly attach to the true > backend mail server. > > Thanks very much, > > Scott > > P.S. Doesn't the Specialist's hat bite? :) >
