[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Mail Proxy. Anyone can help me?
I haven't played with FW-1's SMTP forwarding. The reason I haven't investigated it is this: suppose your FW or internal Exchange server (I could be wrong about this as I haven't played with it but I suspect that I am correct) drop. Mail then begins to bounce. With the external relay, mail will at least queue until the internal server is available again. I suppose you could work around this you have a HA FW solution and if it's possible to cluster Exchange servers internally but postfix on a couple of Linux or Free BSD boxes has a nicer price tag. Chris -----Original Message----- From: Toth, David [mailto:[email protected]] Sent: Tuesday, January 23, 2001 2:22 PM To: 'Chris Arnold'; 'Carlo Malandrini'; [email protected] Subject: RE: [FW1] Mail Proxy. Anyone can help me? Chris, Could Carlo use FireWall-1's SMTP Security Server to accept SMTP mail directed to the firewall and then forward the email to an internal SMTP server? If Carlo could do this, what would be the advantages or disadvantages of doing it this way? Dave -----Original Message----- From: Chris Arnold [mailto:[email protected]] Sent: Tuesday, January 23, 2001 1:39 PM To: 'Carlo Malandrini'; [email protected] Subject: RE: [FW1] Mail Proxy. Anyone can help me? Personally, I'd keep the Exchange serve inside, set-up postfix or sendmail on a *nix box(es) on the DMZ, only allow inbound connections to Exchange from the external mail server and correctly set-up relaying on both boxes. My $.02. Chris -----Original Message----- From: Carlo Malandrini [mailto:[email protected]] Sent: Tuesday, January 23, 2001 12:42 PM To: [email protected] Subject: [FW1] Mail Proxy. Anyone can help me? Importance: High Hi everybody, I am a rookie in security solution deployment so I hope that someone can help me. My company is planning to install Check Point FW-1 as corporate firewall to protect its business from the bad guys of the Internet and we already have MS Exchange Server 5.5 as mail sistem. We plan to leave the mailserver in the internal network, but we are just wondering if it is a safe behavior to allow external mail servers to connect to ours directly through the firewall or if it better to install a mail proxy (maybe set up in a dmz) with the task of accepting inbound mail connection. In the latter case, this mail proxy should be skilled enough to detect some evil behavior (spamming, relaying, bad mail protocol systax and so on). Thanks in advance Carlo Malandrini ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|