Hi there,
I just wanted to ask a few question, I'm looking for the same
setup, the questions I have is, with the port 25 forwarded to the
internal mail hub is the 'hole/tunnel' thru the firewall 'safe'?
Does this just shift the security risk to internal mail server?
Also doesn't the internal mail server just send mail out the firewall
via NAT the the firewall provides and it just appears as if its from the
firewall?
There fore you would not need to forward the port 25 from the internal mail
server from the internal to the outside. Just from the outside to the
inside.
firewall port 25 ---port forwarded---> internal mail server,outgoing mail
^ |
\<--------<outgoing mail sent via NAT on firewall<--------------/
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Jose Nazario
> Sent: Friday, March 16, 2001 7:38 AM
> To: Hans Scheffers
> Cc: Firewalls-Digest (E-mail)
> Subject: Re: iptable / NAT
>
>
> On Fri, 16 Mar 2001, Hans Scheffers wrote:
>
> > Do I need a sendmail on my firewall, when I do a forward of port 25
> > from the outside to the inside and inside -> outside?
>
> no, you do not need an instance of sendmail on your firewall if you have
> an internal SMTP server. you *can*, if you want, put a mail hub on your
> firewall and enhance it with, say, content screening, but that's not
> needed. just allow SMTP traffic to the proper servers.
>
> ____________________________
> jose nazario [EMAIL PROTECTED]
> PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
> PGP key ID 0xFD37F4E5 (pgp.mit.edu)
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
