> > Tell us more about your topology. What machines are the clients coming in
> > from? Is this just a simple case of blocking POP3 from external access?
>
> Right now, our users can only connect to our pop server from within our
> protected net (we do have dialup to there but that's beside the point); once
> upon a time (after we got our T1, but before the firewall), a few of them
> figured out that they could connect to the internet through their personal
> ISP's, point their Netscape client or whatever at our pop server, and get
> their work mail that way. But now our pop server is behind a firewall on a
> masqued subnet; its ip address is 192.168.1.25, therefore non-routable. The
> publicly-listed mail destination for our domain is just a qmail router on the
> firewall which hands off mail to our internal server.
I think the Proxy-Arp mini-howto will help you here. Basically your
exterior box answers requests for the mail server, and returns responses.
> > Have you considered using ssh into the box?
>
> Where can I get some no-bs info on ssh? The last time I looked (not too
> recently), I couldn't even get a decent grip on what it is, let alone how to
> set it up. Isn't it some sort of telnet proxy?
No, it stands for Secure Shell. It uses PGP-like encryption (called
public key) to do host and user authentication, as well as encrypt the
data that travels thru the link.
You can find more information at:
http://www.tac.nyc.ny.us/~kim/ssh/
There are also a few other things you should check for more information:
- The firewalls mailing list, at www.greatcircle.com. There is often
conversation about Linux, as well as some really knowledgable people.
- The NAT implementation for Linux, which is N->M translation, instead of
N->1 like i with ipmasq
- The [EMAIL PROTECTED] list, which has some great people, most
notably Glynn Clements, which has helped people with this problem before..
Dave
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com/RedHat-FAQ /RedHat-Errata /RedHat-Tips /mailing-lists
To unsubscribe: mail [EMAIL PROTECTED] with
"unsubscribe" as the Subject.