LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 02-20-2012, 06:07 AM   #1
gabolander
LQ Newbie
 
Registered: Sep 2008
Posts: 7

Rep: Reputation: 0
Post Mail: DMZ imap4s and smtps w/auth to forward to internal server mail


Hi there guys.
I have a problem like this:
In my infrastructure I have an internal mail server with non-ssl protocol for reading (imap4 on port 143, pop3 on 110) and a postfix MTA for sending mail with no auth (smtp on port 25).
I'd like to extend availability of mail services to my users also from external, using a "passthrou" machine in my DMZ, but I want to respect all the rules to make the service as secure as possible.

In other words... my idea is to install a service in DMZ, where a user can land for its IMAP4 authentication, using secure port 993, and this DMZ machine should forward requests to internal mail server to standard (insecure) port 143 (performing imap authentication of already existing internal machine).
In the same way, user could use our MTA, connecting his client (eg. from a mobile phone's mail client) to our machine in DMZ to ssl port 465 with authentication, then this DMZ machine should act as a relay to internal smtp:25 w/ no auth for sending mail.

I'm looking a solution for making this possible. I tried nginx and perdition but with no success.

Any suggestion is kindly appreciated.

Best,
Gabo

Last edited by gabolander; 02-20-2012 at 07:28 AM.
 
Old 02-20-2012, 06:42 AM   #2
lithos
Senior Member
 
Registered: Jan 2010
Location: SI : 45.9531, 15.4894
Distribution: CentOS, OpenNA/Trustix, testing desktop openSuse 12.1 /Cinnamon/KDE4.8
Posts: 1,144

Rep: Reputation: 217Reputation: 217Reputation: 217
Hi,

relaying/ forwarding is done with Firewall (i.e. IPTABLES), but I don't know how, so you please give more details about your DMZ machine which will act as a 'landing point' for internet users.
Some people will help you with that
 
Old 02-20-2012, 08:40 AM   #3
gabolander
LQ Newbie
 
Registered: Sep 2008
Posts: 7

Original Poster
Rep: Reputation: 0
Tnx for your reply.
Well .. I think A picture is worth a thousand words, so I attached a bare (and rude... ) diagram where things might be clearer.

Looking diagram, the red server (Machine C) is the only missing ATM (and it is the one I intend to add).
I setup an Ubuntu Server machine, but I don't have problem if I should have to turn to a RH based linux box (like CentOS 6.2 or whatever .. ).
Anyway.. it will be used only to allow users to connect from the internet for mail reading purposes, via IMAPs protocol, and sending mail connecting to the same machine (Machine C) or another similar machine (duplicated from Machine C, for example) via authenticated SMTPs protocol. In this last case, it should act a relay where it should use internal SMTP machine (Machine A) as transport (at least, I think so... )
When Machine A sends a mail to an internal user, this mail drives inside the same Machine A.
When Machine A sends a mail to an external internet user, it uses the already existant and working Machine B as transport relay.

I hope I was clear enough to explain my problem.

I accept suggestions for all possible solutions.

Thanks in advance for any help.
Attached Images
File Type: jpg DiagrammaPostaDaInternet.jpg (100.6 KB, 1 views)
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
mail server migration: howto deliver locally AND forward mail to new server pedrobl Linux - Server 1 01-21-2011 11:12 PM
Forward certain local mail to an external mail server marciano Linux - Server 1 05-11-2009 11:08 AM
forward mail to internal mail server suse 9.2 brian1978 Linux - Security 1 02-22-2006 02:25 PM
mail server issue smtps/pop3s ...HELP!!! rnj Fedora 0 10-08-2004 02:39 AM
Postfix relaying mail to internal mail server tradecraft1 Linux - Networking 2 10-28-2003 03:01 PM


All times are GMT -5. The time now is 02:05 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration