LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 04-05-2010, 02:21 PM   #1
andy.l
Member
 
Registered: Feb 2007
Location: Scandinavia
Distribution: Fedora Core 6/Ubuntu 6.10
Posts: 92

Rep: Reputation: 15
Secure mail setup - Best practice


I'm in the process of setting up a new mailsystem for a small network.
The network is protected by a firewall(Astaro ASG), with 2 connected networks, LAN and DMZ. Initially we planed to have a SMTP relay located in the DMZ that was accessible from the internet by port 25 (SMTP). The mail relay should relay all incoming mail to a Zimbra server on the LAN, and the internal Zimbra server would relay all outbound email through the SMTP relay in the DMZ. In other words, the internal Zimbra server has NO direct connection with mailserver on the internet. All traffic is limited to the two mail servers, and port 25 (SMTP)
Is this best practice, and will this be sufficient to protect the internal Zimbra server? Are there any other things that could be done to protect the mailserver? Would it be better to have the Zimbra server located in the DMZ as well, and enable clients on the LAN to connect either via POP/IMAP and https? This way there would be no hole from the DMZ and inbound to the LAN.
Any ideas or feedback about these kinds of setups would be appreciated

/Andy

Last edited by andy.l; 04-05-2010 at 02:23 PM.
 
Old 04-05-2010, 08:51 PM   #2
kbp
Senior Member
 
Registered: Aug 2009
Posts: 3,758

Rep: Reputation: 643Reputation: 643Reputation: 643Reputation: 643Reputation: 643Reputation: 643
That config sounds good, just ensure you do a bit of filtering on your mail relay to reduce the load on the Zimbra box

cheers
 
  


Reply

Tags
mail, secure, smtp, zimbra


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How secure is my setup? MasterOfTheWind Linux - Security 25 10-09-2008 09:10 PM
How to Setup a Secure Perimeter mindjet Linux - Security 8 11-07-2007 06:46 PM
Is this setup reasonably secure? The_JinJ Linux - Newbie 3 10-04-2005 08:34 PM
setup a secure proxy darkleaf Linux - Security 2 07-13-2005 07:58 PM
Secure Mail Server Setup djkene70 Linux - Networking 3 10-14-2003 01:29 PM


All times are GMT -5. The time now is 08:37 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration