I have your same feelings, Tom, doubled ;-)
I have two SMTP (postfix) server in my network. One of them acts like a real
mail gateway and does all the dirty works (antivirus, anti-spam, etc etc)
and relays the so-cleaned messages to the internal mail server. Obviuosly
everithing is under shorewall ;-)
andrea
> -----Original Message-----
> From: shorewall-users-bounces@lists.shorewall.net
> [mailto:shorewall-users-bounces@lists.shorewall.net]On Behalf Of Tom
> Eastep
> Sent: venerdi 29 agosto 2003 3.20
> To: john
> Cc: Shorewall Users Mailing List
> Subject: [Shorewall-users] Re: Network architecture
>
>
> On Fri, 29 Aug 2003, john wrote:
>
> > Was there a security issue behind your decision to put the e-mail
server
> > on the DMZ rather than on the local network?
>
> My feelings on that topic are expressed in the answer to FAQ #2
> (http://shorewall.net/FAQ.htm#faq2).
>
> -Tom
> --
> Tom Eastep \ Shorewall - iptables made easy
> Shoreline, \ http://shorewall.net
> Washington USA \ teastep@shorewall.net
> _______________________________________________
> Shorewall-users mailing list
> Post: Shorewall-users@lists.shorewall.net
> Subscribe/Unsubscribe:
> http://lists.shorewall.net/mailman/listinfo/shorewall-users
> Support: http://www.shorewall.net/support.htm
> FAQ: http://www.shorewall.net/FAQ.htm
>