Well technically speaking yeah! , because If someone can exploit your smtp daemon, and is aware of the fact that It's behind the DMZ. He can do a lot of nasty things with your smtp servers. But practially speaking crackers don't do blind commands unless they have a shell, which in your case would be quiet difficult untill the DMZ is owned as well. So i'd suggest you to carry on your smtp idea, but keep watching for the vulnerabilities of smtp daemon you're running. Good Luck =)
Regards, --------- Muhammad Faisal Rauf Danka Chief Technology Officer Gem Internet Services (Pvt) Ltd. web: www.gem.net.pk voice: 92-021-111-GEMNET "Great is the Art of beginning, but Greater is the Art of ending. " ------BEGIN GEEK CODE BLOCK---- Version: 3.1 GCS/CM/P/TW d- s: !a C++ B@ L$ S$ U+++ P+ L+++ E--- W+ N+ o+ K- w-- O- PS PE- Y- PGP+ t+ X R tv+ b++ DI+ D G e++ h! r+ y+ ------END GEEK CODE BLOCK------ --- [EMAIL PROTECTED] wrote: > >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA1 > >What are the potential risks of putting a port relay application on a DMZ server so >that people can check their mail remotely, with the mail server being behind the >second layer of firewall? Only standard e-mail ports are allowed through the >firewall. Is there any way someone can "ride the port" with unintended traffic? > >Hush provide the worlds most secure, easy to use online applications - which solution >is right for you? >HushMail Secure Email http://www.hushmail.com/ >HushDrive Secure Online Storage http://www.hushmail.com/hushdrive/ >Hush Business - security for your Business http://www.hush.com/ >Hush Enterprise - Secure Solutions for your Enterprise http://www.hush.com/ > >Looking for a good deal on a domain name? >http://www.hush.com/partners/offers.cgi?id=domainpeople > >-----BEGIN PGP SIGNATURE----- >Version: Hush 2.1 >Note: This signature can be verified at https://www.hushtools.com > >wlsEARECABsFAjy8aiYUHHBjZ2Vla0BodXNobWFpbC5jb20ACgkQv2tV+j5+XIErfQCg >niZyy24ORQfxsNOuK59d4luqSckAn1/Vp5/u6CONCCEbnczOcvpri/sk >=BuB5 >-----END PGP SIGNATURE----- _____________________________________________________________ --------------------------- [ATTITUDEX.COM] http://www.attitudex.com/ --------------------------- _____________________________________________________________ Run a small business? Then you need professional email like [EMAIL PROTECTED] from Everyone.net http://www.everyone.net?tag
