Difference between revisions of "Secure external IMAPS access via DMZ"
From Scalix Wiki
m |
|||
Line 6: | Line 6: | ||
This particular implementation uses Perdition, an IMAP/POP3 proxy. This was chosen over SSLTunnel & up-imapproxy for the following reasons: | This particular implementation uses Perdition, an IMAP/POP3 proxy. This was chosen over SSLTunnel & up-imapproxy for the following reasons: | ||
− | * SSLTunnel requires direct access to the Scalix server | + | * SSLTunnel requires direct access to the Scalix server |
* up-imapproxy only supports encryption between up-imapproxy and the IMAP server, it does not support encryption between the client and up-imapproxy. | * up-imapproxy only supports encryption between up-imapproxy and the IMAP server, it does not support encryption between the client and up-imapproxy. |
Latest revision as of 01:57, 30 April 2007
NOTE: This is currently a WIP. Please leave any corrections until I'm done.
The purpose of this article is to detail the steps taken to ensure secure communication between the end-user and the Scalix mail server, whilst hiding the "identity" of the Scalix server, via a DMZ host.
This particular implementation uses Perdition, an IMAP/POP3 proxy. This was chosen over SSLTunnel & up-imapproxy for the following reasons:
- SSLTunnel requires direct access to the Scalix server
- up-imapproxy only supports encryption between up-imapproxy and the IMAP server, it does not support encryption between the client and up-imapproxy.
the vanessa_socket src file may fail to build on x86_64 platforms.
Modify the SPEC file (/usr/src/redhat/SPEC/vannessa_socket.spec) to contain the following line.