Hi,
I'm inclinded to agree with Aleksandar - I'm about to embark on something very similar and will do this:
Have a Linux firewall running Cyrus, Sendmail, etc, etc. that's connected to internal LAN and external 'net via 2 different interfaces. Of course this will do standard firewall stuff and run webserver with a webmail client (IMP and Squirrelmail work well) accessable from inside/outside.
External ports will be blocked with the exception of Web, SMTP, SSH, etc. IMHO it's also OK to allow imaps and pops. I run TLS on the sendmail and will allow sending through here if a connection authenticates.
So, either internally or externally one can use the webmail client, or an imap/smtp client so long as they authenticate securely. If you tweak your internal DNS so that mail-or-whatever.yourco.com resolves to the public IP externally, and private IP internally then clients won't even have to change settings when out on the road.
Have also been toying with VPNs and tried the Tincd server with some success.
Have read around the place that CIPE and IPSec have been broken, but if someone
knows different (Aleksandar?) I'd love to hear :)
Cheers,
Robin
Quoting Aleksandar Milivojevic <[EMAIL PROTECTED]>:
Charles Marcus wrote:So, to summarize, we will have two Cyrus IMAP servers, one Public, one Private. Most employee access will be from the internal, office LAN, but with occasional access from the internet (home, vacation, etc), so the Mailboxes on both servers must be kept in sync. Short delays (up to a few minutes) in the sync process are acceptable.
Have you thought of implementing something simpler and more standard?
[ snip ] --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
