Re: SSL SMTP Relay in DMZ
From: Adam Aube (aaube01_at_baker.edu)
Date: 02/10/04
- Previous message: Paul Johnson: "Re: exiscan-acl and clamav configuration question"
- In reply to: Curtis Vaughan: "SSL SMTP Relay in DMZ"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
To: debian-user@lists.debian.org Date: Mon, 9 Feb 2004 20:32:48 -0500
On Saturday 07 February 2004 03:10 pm, Curtis Vaughan wrote:
> I would like to set up a mail server in a DMZ that would accept mail
> only from those clients who have authenticated using SSL.
Do you mean authenticate using username/password over SSL, or authenticate
using an SSL certificate?
If the former, setup SMTP AUTH to handle the authentication, and if your
MTA supports TLS, use that to wrap the authentication in SSL. If not, use
Stunnel.
If the latter, have the MTA only listen on localhost. Setup Stunnel to
only accept certain certificates, then forward those connection over
localhost to the listening MTA.
> Given that they have successfully passed that criteria, then this DMZ
> mail server would pass the mail off to an internal mail server for
> further delivery.
Most MTAs support forwarding all mail to another server - just set this up
for your MTA of choice.
Adam
-- To UNSUBSCRIBE, email to debian-user-request@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
- Previous message: Paul Johnson: "Re: exiscan-acl and clamav configuration question"
- In reply to: Curtis Vaughan: "SSL SMTP Relay in DMZ"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
