Greetings!

I am creating a development environment on my LAN and am in the research mode for numerous of its pieces.

The security of having each system access the internet for web, email, irc, tor, etc, is expensive, redundant, insecure, and all that.

So, I am leaning towards using specific older systems for a single purpose email to-and-from point wherein the WAN is never accessed by any but the secured single-purpose system.

I am using NFS-accessible data, application, user, and os file servers which allow the common UID/GID users throughout the LAN to access everything, including mail.

I am interested in converting all our Apple Mail 5.x folders, rules, and mail over to whatever we use.

As I understand it I need to go IMAP to address NFS-based mail.

So, am I properly considering having both a server and server-addressing set of clients? I do not want mail going down to the separate "viewers", more like each is using terminfo/termcap to view the mail application via NFS.

I may be overcomplicating this, just the opposite, or both.
I look forward to suggestions, guidance and elevation of concept.

Thanks gang.
chris

No idea what you want other than a central IMAP mail store and a gateway MTA. So what is it exactly that you're trying to guard against if I may ask?

First off, thanks for your interest, and sorry for the belated response....

Spyware needs a generalized system, an entry point onto a specific system, and a manufactured belief that it doesn't exist, wouldn't want to attack, is inevitable, that "resistance is futile", is not worth the effort, narcissistic ignorance or just plain slack.... in other words, it needs a slave's mentality as host. No thanks.

It exists, like crab lice, and I don't want either.

I have 12 (older/varied OS) systems which I'd like to virtually access email, which'll really all be processed by, received, filtered, viewed, written, and stored on a common LAN email server much as would be done with a PRISM-integrated WAN email server (e.g., Google, Yahoo, Apple, Microsoft), with no "client" (download) capabilities.

All email will come in from or go out to the WAN via the one dedicated system, so, I will construct emails most likely with a layered termcap/terminfo use of the email server's SMTP/IMAP features....

I just bought several books covering IMAP, Courier, QMail, Postfix, SquirrelMail, Dovecot, et. al.
I am on a timeatble to complete a file server (all apps, OSs, uid/gid users, data) across the systems avoiding their proprietary traps (USB, networking).

I am making every effort to stay clear of the Microsoft-Apple either-or. The standards still exist (e.g., NFS, SFTP) even if most don't see them in plain sight due to the spectacle of that Big Lie.

So, no WAN licenses, no hall pass apps. No invisible folders/files. No fake :bug fixes. No more "security leak-plugging. It'sd my system, my code, my LAN. I don't care about silly gameplaying or textmessaging or any other banal ways to kill what time I am not forced to sell in order to fulfill a payment schedule for what;s left after it's gone.

The cloud is not "out there"; it's in people's minds... a return to a mainframe "central scrutinizer" mentality.
It only reigns in the mind of slaves.

And, the first surrender is allowing ANYthing on my LAN that I did notr explicitly seek and desire.
So, that is my motivation.
All my years at EDA, test&measurement, and networking software houses -- watching and contributing to my life and others' lives being converted into the lifestyle of trademarks, licenses, contracts, disconnected fragments -- requires that NO imperial/colonizing packets will be tolerated at all.

The simplest way is to eliminate the problem of duplicated effort, and thus, of exponentialized possibility for mistake.
Systems of single purpose and backed-up 192.168.x.x drives of LAN-universal access by LAN-universal users/groups is the first step. As well, no more proprietary USB crap will be used at all. No wifi or bluetooth at all. No RFID or built-in transmitors (such as in iPhone or HDTV). Roku and GBox are out as well since their intrusion is not even advertised as a feature, just as some rite of manufacturing.

Sorry for the rant but you did ask. ;-)
Maybe there's a simple solution besides not using anything attached to the WAN at all. Hope so, because the RFIDs in my tires and clothes have a different idea" smart devices, dumb[ed-down] people. Comcast, the latest AT&T clones, now require turning in wired modems for wireless-onlys. The use of any device is becoming lethal, and suicidal.

Thanks.