CMarcus at Media-Brokers.com
Mon Mar 7 15:29:26 EST 2005
I am trying to fugure out the best way to accomplish my goal, and ran
across the 'Murder' capability of Cyrus. Since I have already been
considering SuSE SLES9 for our servers, I guess this would be a great
fit - if it is safe and secure enough.
What I want to do is the following - maybe there is a better way to do
it? I'd appreciate any comments...
1. Public facing Web/Secure IMAP server (SuSE SLES9 running Cyrus IMAP),
behind an ISP provided firewall, with only necessary ports open.
2. Internal File/Mail server (also running SLES9, Cyrus IMAP) on a
gigabit LAN, behind another firewall that has all incoming ports closed,
and only outbound ports necessary for company business.
3. Clients/employees on internal LAN talk only to the Internal IMAP mail
server when in the office, at full gigabit (LAN) speeds (don't have to
go through a firewall bottleneck).
4. People from outside the physical office talk to the Public server.
5. I want the two servers to stay in sync at all times - although a
delay of minutes is obviously completely acceptable.
This would provide (in my mind) maximum security *and* speed for IMAP
email sessions for employees when in the office. I don't want to force
all of our internal users to access the public mail server through a
firewall if there is a way to avoid this.
Currently, we are using an outsourced email hosting provider, and the
speed, because it is all IMAP, and because we deal with a lot of large
attachments, is *very* slow. I want the new system to scream, but I am
nervous about security.
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
More information about the Info-cyrus