Hi,
I am trying to fugure out the best way to accomplish my goal, and ran across the 'Murder' capability of Cyrus. Since I have already been considering SuSE SLES9 for our servers, I guess this would be a great fit - if it is safe and secure enough.
What I want to do is the following - maybe there is a better way to do it? I'd appreciate any comments...
1. Public facing Web/Secure IMAP server (SuSE SLES9 running Cyrus IMAP), behind an ISP provided firewall, with only necessary ports open.
2. Internal File/Mail server (also running SLES9, Cyrus IMAP) on a gigabit LAN, behind another firewall that has all incoming ports closed, and only outbound ports necessary for company business.
3. Clients/employees on internal LAN talk only to the Internal IMAP mail server when in the office, at full gigabit (LAN) speeds (don't have to go through a firewall bottleneck).
4. People from outside the physical office talk to the Public server.
5. I want the two servers to stay in sync at all times - although a delay of minutes is obviously completely acceptable.
This would provide (in my mind) maximum security *and* speed for IMAP email sessions for employees when in the office. I don't want to force all of our internal users to access the public mail server through a firewall if there is a way to avoid this.
Currently, we are using an outsourced email hosting provider, and the speed, because it is all IMAP, and because we deal with a lot of large attachments, is *very* slow. I want the new system to scream, but I am nervous about security.
Comments? Criticisms?
Best regards,
--
Charles --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
