Latest LQ Deal: Linux Power User Bundle
Go Back > Forums > Linux Forums > Linux - General
User Name
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.


  Search this Thread
Old 12-13-2008, 02:36 PM   #1
LQ Newbie
Registered: Aug 2006
Posts: 6

Rep: Reputation: 1
Mail server using VMware: SMTP gateway in the DMZ and maili servers on the LAN

I'm looking for help both from Linuxquestions and VMware forums since I'm not sure which place would be best to look. I'm setting up a Sendmail server on top of FreeBSD and have read that it's a good security practice to place the SMTP gateway in the DMZ and the mail servers in the LAN. I would like to know if anyone has any experience doing this with VMs, one in the DMZ and one on the LAN.

As for possible security issues, I know that it could be possible to compromise the DMZ VM and possibly get to the LAN VM but, I think the risk is low as VM security is still decently high. Would I be better to use 2 separate boxes?

Thanks in advance
Old 12-13-2008, 03:58 PM   #2
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976
if you mean you have two seperate network connections into a single VMware server instance with a vSwitch for each nice, one for LAN and one for DMZ then in theory your fine, but it's pretty ugly to be using different security zones on a single platform. Your DMZ systems would be much more likely to be physical machines and not VM's for various security reasons. If you are looking for better security then I would often put low level security zone separation before best practises of SMTP traffic.

depending on your security architecture, many linux / bsd based firewall distro's, e.g. smoothwall, pfsense, ipcop, astaro can provide the SMTP gateway functionality within a security device, which might be a simpler way to get what you're alluding to.

Last edited by acid_kewpie; 12-13-2008 at 04:00 PM.


dmz, machine, sendmail, virtual, vmware

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Allowing web server in dmz to access AS400 in LAN sunethj Linux - Networking 0 01-10-2007 12:06 AM
Unable to send mail to some mail servers due smtp greetings malformed atotomex Linux - Networking 6 12-20-2005 05:38 PM
DHCP Server for internal LAN and DMz NVETHIS Linux - Networking 1 07-11-2003 11:16 AM
gateway(NAT),firewall,server,DMZ andjules Linux - Networking 1 11-22-2002 06:55 PM
gateway(NAT),firewall,server,DMZ andjules Linux - Newbie 2 11-22-2002 09:11 AM > Forums > Linux Forums > Linux - General

All times are GMT -5. The time now is 09:45 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration