On Thu, Apr 01, 2010 at 08:15:29PM -0600, Glenn English wrote:
So why must this be a Postfix-as-proxy, instead of a complete
Postfix-with-queue instance?
Like I said, I'm not at all sure it does. But I'm told that there
should be an SMTP reverse proxy running on the firewall to protect
was to run an SMTP reverse proxy on the firewall. I'm thinking
about maybe doing that for HTTP because it'd be pretty easy to filter based on
what would be legit HTML requests, but not for much else.
Thanks for the info...
--
Glenn English
g...@slsware.com
Is it possible to use postfix as a reverse proxy for my SMTP server?
I think what I'm asking is does postfix do its UBE and protocol checks *before*
it sends to a smarthost.
If not, do you know of a way to reverse proxy SMTP? How about POP3 and IMAP?
--
Glenn English
g...@slsware.com
On 4/1/2010 12:49 PM, Glenn English wrote:
Is it possible to use postfix as a reverse proxy for my SMTP server?
I think what I'm asking is does postfix do its UBE and protocol checks *before*
it sends to a smarthost.
If not, do you know of a way to reverse proxy SMTP? How about POP3 and IMAP
On Thu, Apr 01, 2010 at 11:49:50AM -0600, Glenn English wrote:
Is it possible to use postfix as a reverse proxy for my SMTP server?
Yes, but why?
I think what I'm asking is does postfix do its UBE and protocol checks
*before* it sends to a smarthost.
Yes, but when Postfix is a proxy
On Apr 1, 2010, at 12:25 PM, Victor Duchovni wrote:
Is it possible to use postfix as a reverse proxy for my SMTP server?
Yes, but why?
Because I was told over on the mailop list that it needs to be done for
security reasons, and I'm looking into whether to believe it or not.
Thanks to you
On Thu, Apr 01, 2010 at 12:50:04PM -0600, Glenn English wrote:
On Apr 1, 2010, at 12:25 PM, Victor Duchovni wrote:
Is it possible to use postfix as a reverse proxy for my SMTP server?
Yes, but why?
Because I was told over on the mailop list that it needs to be done
for security
On Apr 1, 2010, at 1:48 PM, Victor Duchovni wrote:
What is the it that has to be done for security reasons.
Reverse proxy-ing servers on the firewall. The idea, as I understand it, is to
keep badness from getting to the servers. I can kinda understand that for HTTP
-- ACLs based on UR
On Thu, Apr 01, 2010 at 03:52:46PM -0600, Glenn English wrote:
On Apr 1, 2010, at 1:48 PM, Victor Duchovni wrote:
What is the it that has to be done for security reasons.
Reverse proxy-ing servers on the firewall. The idea, as I understand it, is
to keep badness from getting
On Apr 1, 2010, at 4:05 PM, Victor Duchovni wrote:
Were you asking about using Postfix as a proxy in front of internal SMTP
servers, or using firewall reverse-proxy SMTP support to sit in front of
Postfix?
I was asking about Postfix running as a daemon on the firewall computer that
handles
Glenn English:
On Apr 1, 2010, at 4:05 PM, Victor Duchovni wrote:
Were you asking about using Postfix as a proxy in front of internal SMTP
servers, or using firewall reverse-proxy SMTP support to sit in front of
Postfix?
I was asking about Postfix running as a daemon on the firewall
Glenn English put forth on 4/1/2010 5:42 PM:
I was asking about Postfix running as a daemon on the firewall computer that
handles routing and inspecting traffic between the WAN, the DMZ, and the LAN.
This Postfix would intercept and inspect incoming SMTP connections (and drop
some) before
On Apr 1, 2010, at 7:33 PM, Stan Hoeppner wrote:
If you want all the edge security managed by one device
I don't. There's a border router with ACLs, and everybody has a reasonably
intelligent packet filter. I'm just trying for this one fairly fancy box in the
middle for inspection and
On Apr 1, 2010, at 5:36 PM, Wietse Venema wrote:
So why must this be a Postfix-as-proxy, instead of a complete
Postfix-with-queue instance?
Like I said, I'm not at all sure it does. But I'm told that there should be an
SMTP reverse proxy running on the firewall to protect the full server
Glenn English:
On Apr 1, 2010, at 5:36 PM, Wietse Venema wrote:
So why must this be a Postfix-as-proxy, instead of a complete
Postfix-with-queue instance?
Like I said, I'm not at all sure it does. But I'm told that there
should be an SMTP reverse proxy running on the firewall
15 matches
Mail list logo