From: Glenn English on
Is it possible to use postfix as a reverse proxy for my SMTP server?

I think what I'm asking is does postfix do its UBE and protocol checks *before* it sends to a smarthost.

If not, do you know of a way to reverse proxy SMTP? How about POP3 and IMAP?

--
Glenn English
ghe(a)slsware.com

From: Noel Jones on
On 4/1/2010 12:49 PM, Glenn English wrote:
> Is it possible to use postfix as a reverse proxy for my SMTP server?
>
> I think what I'm asking is does postfix do its UBE and protocol checks *before* it sends to a smarthost.
>
> If not, do you know of a way to reverse proxy SMTP? How about POP3 and IMAP?
>

It's fairly common to use postfix as an email gateway for
multiple internal mail servers. Here's a starting point:
http://www.postfix.org/STANDARD_CONFIGURATION_README.html#firewall

Other information on configuring postfix can be found here:
http://www.postfix.org/documentation.html

You can use dovecot as an IMAP/POP3 proxy, more info here:
http://dovecot.org/
http://wiki.dovecot.org/HowTo/ImapProxy

-- Noel Jones

From: Victor Duchovni on
On Thu, Apr 01, 2010 at 11:49:50AM -0600, Glenn English wrote:

> Is it possible to use postfix as a reverse proxy for my SMTP server?

Yes, but why?

> I think what I'm asking is does postfix do its UBE and protocol checks
> *before* it sends to a smarthost.

Yes, but when Postfix is a proxy, there is no "smarthost" involved; that
is what happens when Postfix is not a proxy. In proxy mode, all SMTP
transactions are proxied to a fixed downstream SMTP server which ultimately
accepts or rejects the message, but Postfix gets a chance to apply its
policy first.

http://www.postfix.org/SMTPD_PROXY_README.html

--
Viktor.

P.S. Morgan Stanley is looking for a New York City based, Senior Unix
system/email administrator to architect and sustain our perimeter email
environment. If you are interested, please drop me a note.

From: Glenn English on

On Apr 1, 2010, at 12:25 PM, Victor Duchovni wrote:

>> Is it possible to use postfix as a reverse proxy for my SMTP server?
>
> Yes, but why?

Because I was told over on the mailop list that it needs to be done for security reasons, and I'm looking into whether to believe it or not.

Thanks to you and Noel for the speedy advice. I haven't been able to find much with Google...

--
Glenn English
ghe(a)slsware.com

From: Victor Duchovni on
On Thu, Apr 01, 2010 at 12:50:04PM -0600, Glenn English wrote:

>
> On Apr 1, 2010, at 12:25 PM, Victor Duchovni wrote:
>
> >> Is it possible to use postfix as a reverse proxy for my SMTP server?
> >
> > Yes, but why?
>
> Because I was told over on the mailop list that it needs to be done
> for security reasons, and I'm looking into whether to believe it or not.

What is the "it" that has to be done for "security reasons"? Normally
Postfix is a store/forward MTA, not a reverse proxy, and this is likely
more secure, because SMTP commands are fully generated by Postfix,
rather than proxied through.

If you don't need proxy-mode for non-security reasons, you don't need
proxy mode.

--
Viktor.

P.S. Morgan Stanley is looking for a New York City based, Senior Unix
system/email administrator to architect and sustain our perimeter email
environment. If you are interested, please drop me a note.
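
The two setups contrasted in this thread, side by side, as an added configuration sketch that is not from any of the posters or from the Postfix documentation. The domain `example.com`, the internal server address `192.0.2.10` and the map file paths are placeholder assumptions; the parameters themselves are standard Postfix settings.

```conf
# --- Option A: store-and-forward gateway (/etc/postfix/main.cf) ---
# Postfix queues the message, then opens its own SMTP session to the
# internal server, so every downstream SMTP command is generated by Postfix.
mydestination =
local_recipient_maps =
local_transport = error:local mail delivery is disabled
relay_domains = example.com
# Known recipients only, so unknown users are rejected at the perimeter.
relay_recipient_maps = hash:/etc/postfix/relay_recipients
# /etc/postfix/transport (placeholder) contains:
#   example.com   smtp:[192.0.2.10]:25
transport_maps = hash:/etc/postfix/transport

# Protocol and UBE checks, applied before the message is accepted.
smtpd_helo_required = yes
smtpd_recipient_restrictions =
    permit_mynetworks,
    reject_unauth_destination,
    reject_non_fqdn_sender,
    reject_unknown_sender_domain,
    reject_unauth_pipelining

# --- Option B: proxy mode (/etc/postfix/master.cf) ---
# smtpd still applies the smtpd_*_restrictions from main.cf first, then
# passes the transaction to one fixed downstream server, which makes the
# final accept/reject decision. Nothing is queued on the Postfix host.
smtp      inet  n       -       n       -       20      smtpd
    -o smtpd_proxy_filter=192.0.2.10:25
    -o smtpd_client_connection_count_limit=10
```

Option A is an alternative to Option B, not an addition to it: in Option B the `relay_domains` and restriction settings from `main.cf` still apply, but `transport_maps` is not used for the proxied mail.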