Mail server in LAN and mail gateway in DMZ

Started by tlafleur0, March 26, 2021, 09:17:39 AM

Hello everyone,
I am thinking of improving the security of my network by implementing a DMZ.

In the DMZ I would put the servers that offer external services, such as the web server, mail gateway, cloud server, etc.

I have a question regarding the mail server.
I would like to keep the mail server on the LAN and not in the DMZ.
To send mail there are no problems: I let the LAN communicate with the DMZ and the mail is sent. But to receive it? Wouldn't making a rule that allows the mail gateway to communicate with the LAN become a security risk?

How would you configure this situation?
Thanks to all

Why not use OPNsense as a mail gateway between them?

Your mail GW sends the mails to OPNsense. OPNsense looks at which domain they are for and checks for spam if configured; after that, OPNsense sends the mails to your mail server.

Someone would need to hack your mail GW first, then hack Postfix to get access over it to your LAN.
(Unofficial Community) OPNsense Telegram Group: https://t.me/joinchat/0o9JuLUXRFpiNmJk

PM for paid support

I saw the possibility of using the mail gateway of OPNsense, but unfortunately I cannot change the current configuration. Higher orders :)

Okay, when you can't reconfigure your mail GW there are 2 options:

1. Redirect the streams from your mail GW to the OPNsense Postfix
2. Allow the traffic from your mail GW to your mail server directly
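
Added example, not part of any post in this thread: option 2 written as a narrowly scoped rule in pf.conf syntax (OPNsense's firewall is pf-based; there the rule would be created in the GUI on the DMZ interface). The interface name, all addresses, and the assumption that the gateway delivers over SMTP on TCP port 25 are placeholders chosen for illustration.

```pf
# Constructed values: replace with your own interface and hosts.
dmz_if     = "em2"
lan_net    = "192.168.1.0/24"
mailgw     = "192.168.50.10"    # mail gateway in the DMZ (placeholder)
mailserver = "192.168.1.25"     # mail server on the LAN (placeholder)

# Too broad: every DMZ host may open any connection to every LAN host.
# pass in on $dmz_if from $dmz_if:network to $lan_net

# Scoped: one source host, one destination host, one port (assumed SMTP/25).
pass in quick on $dmz_if inet proto tcp from $mailgw to $mailserver port 25 flags S/SA keep state

# Anything else from the DMZ towards the LAN is dropped and logged,
# so unexpected connection attempts from a DMZ host show up in the firewall log.
block in log quick on $dmz_if from any to $lan_net
```

With the scoped rule, a compromised DMZ host other than the gateway has no path to the LAN, and the gateway itself can reach only the mail server's SMTP listener.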