Hi,
IMHO segregation is the key, I would put a mail server in yr DMZ (which provides virus
and maybe content scanning) and then have another mail server in yr internal net which
initiates connections with the MS in the DMZ.
Have yr FW do the NATing.
internal net--------->internal------------>Firewall------------>internet
mail server |
|
|
\/
mail server
DMZ
Kind Regards
Ivan Coric
IT Security Officer
Information Technology
WorkCover Queensland
Ph: (07) 30066414 Fax: (07) 30066424
Email: [EMAIL PROTECTED]
>>> Imraan Kadir <[EMAIL PROTECTED]> 05/07/02 11:34pm >>>
Hi There
Can somebody please shed some light.
Is it safer to place your mailserver in the DMZ or in your LAN (with NAT
configured)?
Thank you
Imraan
***************************************************************************
Messages included in this e-mail and any of its attachments are those
of the author unless specifically stated to represent WorkCover Queensland.
The contents of this message are to be used for the intended purpose only
and are to be kept confidential at all times. This message may contain
privileged information directed only to the intended addressee/s.
Accidental receipt of this information should be deleted promptly
and the sender notified.
This e-mail has been scanned by Sophos for known viruses.
However, no warranty nor liability is implied in this respect.
**********************************************************************
