Page 1 of 1
To DMZ or Not
Posted: Fri Mar 23, 2007 11:32 am
by dougp23
Where is your Scalix box? No, not in the data closet!!!
I mean, is it on your DMZ with a "real" IP address?
Is it on your LAN with a non-routable IP (192.168 or others) and you have your MX record pointing at your firewall and let the firewall forward port 25 traffic to the LAN IP address?
I am just trying to get a sense of what others are doing!
Thanks!
Posted: Fri Mar 23, 2007 1:04 pm
by jaime.pinto
Ours is in a "data closet" (in fact a computer/server room), uses a "real" IP address, behind a firewall (only certain ports are let through) and it has MX entry pointing to it.
Posted: Sun Mar 25, 2007 1:39 pm
by interways2
Ours is behind a firewall on an internal IP address. The static external IP is routed to the internal IP for mail traffic (SMTP, POP, IMAP, ...), MX pointing to the static external IP.
HTTP traffic for webmail is on another static external IP pointing to our web server (internal IP, http routed to internal IP), which then proxies it to the Scalix mail server (incl. SSL).
A bit complicated, but works like a breeze...
This way, incoming/outgoing mail traffic uses our first fixed line (1mbps), whereas http traffic goes over our second fixed line (50mbps).
Chris
Posted: Tue Mar 27, 2007 6:53 am
by Kris
Our Scalix server is on the internal network, behind a firewall. Connected to the internet, there is a simple postfix/amavis/spamassassin machine to receive and sent e-mail.