OT: Setting up a forwarding mail domain in DMZ without pinhole.

Sanjay Arora skpobox at hotpop.com
Sun Aug 22 09:37:31 UTC 2004


On Sun, 2004-08-22 at 15:28, Peter Boy wrote:
> On Sun, 22.08.2004, Sanjay Arora wrote at 08:26:
> > I want the DMZ server to receive the mails from the internet, for the
> > domains, it is set up as first MX and keep them in its queues. I want
> > the Green server to periodically connect to the DMZ qmail server and get
> > all mails from it...as the DMZ server cannot connect to it due to the
> > iptables firewall.
> 
> The SMTP does not support your model to use your "green" server to
> "pull" mail from the DMZ server. It is a "push" type communication
> model.
> 
Grrrrrr

I thought so ;-( Thanks for the confirmation.

> So you have to use something like
> - pop protocol to transfer the mail (e.g. fetchmail)
> - nfs/ftp to periodically transfer the mailbox files
> - use cron to periodically allow incoming smtp on the firewall
>   and initiate a resend on the DMZ mailserver
> 
Hmmm...don't like to tamper with firewalls...reason they are there is
that there is risk involved...doesn't make sense that I increase perceived
risk even for small timeslots, just to impose what I think should
happen.

Guess will implement mailboxes on DMZ and Green both, scripted to
download mail from one to the other or some similar permutation. Any
idea on how to broadly do it? Don't need to give me the installation
details...just an idea how to set it up...Anyone?

Thanks again, Peter.
Sanjay.
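
The pull model discussed in this message, as an added example that is not part of the original post: a script run from cron on the Green server opens an outbound POP3 connection to the DMZ host, hands each message to the internal MTA, and deletes it from the DMZ only after the internal server has accepted it, so no inbound firewall rule is needed. The host names, mailbox name, password and recipient address are hypothetical, and it assumes the DMZ MTA records the envelope sender in a Return-Path header.

```python
import poplib
import smtplib
from email import message_from_bytes
from email.utils import parseaddr


def pull_and_relay(pop, smtp, rcpt):
    """Drain one POP3 mailbox on the DMZ host into the internal MTA.

    A message is marked for deletion only after the internal server has
    accepted it, so a failed hand-off leaves it on the DMZ for the next run.
    Returns (delivered, kept).
    """
    delivered = kept = 0
    count, _octets = pop.stat()
    for num in range(1, count + 1):
        _resp, lines, _size = pop.retr(num)
        raw = b"\r\n".join(lines) + b"\r\n"
        # Envelope sender taken from Return-Path when present (assumption);
        # an empty string makes smtplib send the null sender "<>".
        sender = parseaddr(message_from_bytes(raw).get("Return-Path", ""))[1]
        try:
            smtp.sendmail(sender, [rcpt], raw)
        except smtplib.SMTPException:
            kept += 1  # leave it on the DMZ server and retry next run
            continue
        pop.dele(num)
        delivered += 1
    return delivered, kept


def main():
    # Hypothetical names and credentials; the connection is always
    # initiated from Green towards the DMZ.
    pop = poplib.POP3_SSL("dmz-mail.example.net")
    pop.user("relaybox")
    pop.pass_("change-me")
    smtp = smtplib.SMTP("localhost")
    try:
        print(pull_and_relay(pop, smtp, "user@internal.example.net"))
    finally:
        smtp.quit()
        pop.quit()  # QUIT commits the deletions marked with DELE


if __name__ == "__main__":
    main()
```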
