|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
RE: Postfix and Exchange!
From: Alan Munday (postfix
brightheadtechnology.com)
Date: Tue Jan 20 2004 - 10:11:43 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> -----Original Message-----
> From: owner-postfix-userspostfix.org
> [mailto:owner-postfix-userspostfix.org] On Behalf Of
> Victor.Duchovnimorganstanley.com
> Sent: 20 January 2004 15:53
> To: Postfix Users List
> Subject: RE: Postfix and Exchange!
>
>
> On Tue, 20 Jan 2004, Alan Munday wrote:
>
> > Unless you have a firewall which allows for timed rules.
> >
>
> No firewall will create an inbound tunnel to TCP port 25 in
> response to an
> outbound TCP connection from a dynamic port to port 25 on the
> DMZ machine.
>
> Setting this sort of firewall policy (if possible) would be far more
> dangerous than permitting Postfix to connect to port 25 at will.
>
> Timed rules work for UDP and only back to the same port.
>
> --
> Viktor.
Timed is not the same as dynamic.
Some firewalls allow rule sets to be associated with time groups.
So the LAN mail server can issue its ETRN at the selected times the DMZ mail
server can then send them.
Its still not perfect but something else you can do if paranoia prevails.
Alan
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]