[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Protecting pop3
We did the following: - configure http authentication on the firewall. - allow rule to access apache server in the DMZ (server is not accessable until fw http authentication) - apache server is actually a *reverse proxy* server, proxying requests from webmail server located within internal network You may be able to skip the reverse proxy server if your set up a seperate OWA server in the DMZ and lock in which ports communicate to your main exchange server. Since the above solution is *not* encrypted, you should consider running SSL on the OWA server. (We are looking into stunnel ouselves) ----- Original Message ----- From: "Horst Dahlhaus" <[email protected]> To: <[email protected]> Sent: Tuesday, February 18, 2003 7:30 AM Subject: Re: [FW-1] Protecting pop3 > Hi, > > forget it. > You have no security and a open System in your DMZ. > The best way is to work with VPN. > > Horst > > > Thanks for your input. What if I install an outlook web access on my > > DMZ . > > > > -----Original Message----- > > From: Reinhard Stich [mailto:[email protected]] > > Sent: Tuesday, February 18, 2003 10:43 AM > > To: [email protected] > > Subject: Re: [FW-1] Protecting pop3 > > > > At 08:44 18.02.2003 +0400, you wrote: > > > > >Hi friends, > > > > > >I am using Checkpoint Firewall 4.1 with Nokia IP 440 and using exchange > > >5.5 as my mail system. Currently I am not enabling POP3 from out Side > > >Company. But now I am planning to enable POP3 from out side as well. I am > > >looking for some suggestion to do it as secure as possible. Any help will > > >be appreciated. > > > > hi, > > > > I wouldn't allow pop3 from outside to you mailserver. use VPN to access > > your email in a secure way. > > > > if you need pop3-access to some emails configure a forward to your ISP's > > mailbox and pop emails there. > > > > cheers > > reinhard > > > > -- > > Reinhard Stich, ASSIST [email protected] > > Internet Security AG, 1190 Wien, Nussdorfer Laende 29-33 > > Tel: +43 1 370 94 40 RS784-RIPE Fax: +43 1 370 94 40-10 > > > > ================================================= > > To set vacation, Out Of Office, or away messages, > > send an email to [email protected] > > in the BODY of the email add: > > set fw-1-mailinglist nomail > > ================================================= > > To unsubscribe from this mailing list, > > please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================= > > If you have any questions on how to change your > > subscription options, email > > [email protected] > > ================================================= > > > > ================================================= > > To set vacation, Out Of Office, or away messages, > > send an email to [email protected] > > in the BODY of the email add: > > set fw-1-mailinglist nomail > > ================================================= > > To unsubscribe from this mailing list, > > please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================= > > If you have any questions on how to change your > > subscription options, email > > [email protected] > > ================================================= > > > -- > Open WebMail Project (http://openwebmail.org) > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|