Virtual host "lite"?

From: Schmuck (yamahasw40_at_latinmail.com)
Date: 10/16/03


Date: 16 Oct 2003 14:56:00 -0700

Hi all,

Short version: Is there a daemon that runs over linux that will
redirect an incoming we request based on DNS name, preferably
something lighter than Apache, so that users who access
"http://webmail.domain.com" will automatically be redirected to port
:443. However, people who access "http://www.domain.com" will be
forwared to an external server on the same port?

Long (somewhat humorous) version:

As (yet another) "Interrim measure" in the dog's breakfast that is our
corporate DMZ... (It will stop being "Interrim" when the 5 year old
recycled beige PCs running our core network infrastructure finally
fall over and the Boss works out what a "server" is.. not that I'm
bitter or anything)...

Uh-hem.

Anyway. As an interrim measure I have installed and configured a
webmail box and stuck it in the DMZ. Our DMZ is basically one rather
minimal Linux box that runs our external DNS as well as acting as a
second firwall. All incoming services hit this box and it farms off
all the other services to a "secure"(ish) private network behind it
(netfilter DNATs by port.)

ie.
ports 143, 22 and 25 go to our mail/ftp server (redhat linux)
port 80 goes to the web server (Windows NT 4 with MS IIS)
port 443 now goes to the webmail server. (Redhat 9.0, apache 2.0.40,
horde, imp, php 4.2.1, OpenSSL)

So

http://www.domain.com gets directed to the webserver
https://www.domain.com gets directed to the webmail server.

So do mail.domain.com, webmail.domain.com, smtp, imap etc. As they are
just aliases to one of our limited number of outfacing IPs, and the
boss won't buy more.

All well and good.

What I want to do is have conections to port 80 to a different DNS
name (but with the same external IP) redirected to the webmail server.
So if our users type in http://webmail.domain.com rather than
(http://) they will still get what they expect, rather than calling up
the helpdesk and yelling "WEBMAIL DOESN'T WORK" every 20 minutes.

I'm looking for something that I can install on the DNS/Firewall that
will give me this funcionality. I know that the Virtual hosting of
apache can do this, but this is after all a bastion host and I want to
keep it as bare as possible.

Note that I can't make any modifications to the web server... not even
an html edit. It was set up by people from another planet and thus
can't be touched by human hands.

Thanks in advance.

Matt