Secure external IMAPS access via DMZ
NOTE: This is currently a WIP. Please leave any corrections until I'm done.
The purpose of this article is to detail the steps taken to ensure secure communication between the end-user and the Scalix mail server, whilst hiding the "identity" of the Scalix server, via a DMZ host.
This particular implementation uses Perdition, an IMAP/POP3 proxy. This was chosen over SSLTunnel & up-imapproxy for the following reasons:
- SSLTunnel requires direct access to the Scalix server
- up-imapproxy only supports encryption between up-imapproxy and the IMAP server, it does not support encryption between the client and up-imapproxy.
the vanessa_socket src file may fail to build on x86_64 platforms.
Modify the SPEC file (/usr/src/redhat/SPEC/vannessa_socket.spec) to contain the following line.