[ previous ] [ next ] [ threads ]
 
 From:  Hilton Travis <Hilton at QuarkAV dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Mail Server Behind 1.0
 Date:  Wed, 18 Feb 2004 08:23:51 +1000 
Hi John,

DMX?  You been doing some stage lighting lately?  :)

OK, why is placing a server (that is often serving Internet users) in
the DMZ a bad idea.  The DMZ is designed for exactly this sort of things
- servers used for Internet users.

Its just that most of the email servers in most businesses have
employees/contractors/etc sending and receiving email from them while
offsite.

I can also understand that a number of businesses have sensitive email
on their mail server, so want it in the more protected LAN network.  But
these users also need to realize that running a mail server on the LAN
will result in Internet traffic making connections directly to a device
on your LAN, therefore weakening the security that your firewall
provides.  Especially if it is a Microsoft mail server.

As for the ports, you'll need to forward port 25/TCP to your internal
mail server's IP (DMZ or LAN, wherever it is located) for SMTP traffic,
and port 110/TCP will be needed *ONLY* if users will have POP3 access
from external to your network.  If you have webmail on this machine,
you'll also need either port 80 forwarded to the mail server or another
server providing the webmail, or another port if you already have a web
server serving web traffic.

Regards,
HiltonT 

On Wed, 2004-02-18 at 06:08, John Voigt wrote:
> You either need to put the server in your DMX (not recommended) or open
> ports 25 and 110.  You'll also need to forward ports 25 and 110 to the IP of
> your mail server on your LAN for incoming traffic to work.
> 
> John/

> ----- Original Message ----- 
> From: "Mike Herman" <m dot herman at surefit dot net>
> 
> > Hi everyone,
> >
> > We are trying a test domain behind m0n0wall 1.0.  So far it is great in
> > speed and ease of use.
> >
> > Does anyone have instruction on setting up a mail server behind the
> > m0n0wall.  We have been working on it since 1.0 came out yesterday and
> > have no luck.  We can send mail but not recieve.
> >
> > Any help would be greatly appreciated.

-- 

Regards,

Hilton Travis                   Phone: +61-(0)7-3343-3889
Manager, Quark AudioVisual      Phone: +61-(0)419-792-394
         Quark Computers         http://www.QuarkAV.com/
(Brisbane, Australia)            http://www.QuarkAV.net/

Open Source Projects:		http://www.ares-desktop.org/
				http://www.mamboband.org/

Non Linear Video Editing Solutions & Digital Audio Workstations
 Network Administration, SmoothWall Firewalls, NOD32 AntiVirus
  Conference and Seminar AudioVisual Production and Recording

War doesn't determine who is right. War determines who is left.