[CentOS] Port Forwarding

Les Mikesell lesmikesell at gmail.com
Sat Jan 31 17:56:50 UTC 2009


Thom Paine wrote:
>
> It doesn't necessarily make sense. This entire project doesn't make
> sense. The issue is that we are sending confidential patient records
> through a private network.
> 
> Instead of using something like PKI encryption (like I use at the
> police station where I also work), this business model decided that
> all mail should be sent out their private network. Then they can check
> if the receiver should be receiving email in the first place. They
> originally wanted to take control of my mail server, and I would pick
> mail up from them for all my users and I said no to that. We are
> retaining control of our network, and mail server and relaying all
> outbound mail out this new connection. Incoming mail will transfer as
> normal from all sources except from this private network which could
> have confidential patient records, and it needs to come in this new
> connection from an authenticated mail server to my box.

If this is just for mail, why not run another instance of sendmail to 
accept and forward between connections so you get logging and a little 
more control of what is forwarded?  If you want fairly complete control 
you can run something like MimeDefang as a milter and examine it any way 
you want before accepting.  You could run this instance on a different 
host or bind it to a different IP address and/or port and perhaps 
require an ssl connection with authentication to connect.

---
   Les Mikesell
    lesmikesell at gmail.com



More information about the CentOS mailing list