Feizhou wrote:
Kanwar Ranbir Sandhu wrote:
Lately I've been thinking about moving Dovecot (for IMAP) into the internal network - I'd rather not store my mail on the CentOS 4 host in the DMZ.
Why?
Because you don't want to have sensitive data in the demilitarized zone? I know that I don't want to.
- If the answer to 1 is no, what's the best way to get mail from the
SMTP server in the DMZ to an IMAP server in the internal network? Here's what I've briefly considered:
DMZ Postfix+SpamAssassin -> Internal Postfix+Dovecot DMZ Postfix+SpamAssassin -> Internal Fetchmail+Dovecot
The first one. Pinch a hole in your firewall which *only* allows smtp from that *one* host to the internal host.
- Any tutorials for this out there, or even articles, etc., discussing
using Postfix as a gateway? So far, I haven't found any that I've liked.
Look at the relaydomains and the transports tables from postfix. Make sure that your domain isn't in $mydestinations. Make sure that your domain gets relayed (and transported) to the internal mailserver.
It is a little bit involved. But first answer the question of why you want to move before we explore this.
I wonder why that should be necessary - it's his decision, and I can really understand, why he's making it.
Ralph