[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Mail Server in the DMZ question
- Subject: Mail Server in the DMZ question
- From: metrol at metrol.net (Michael Collette)
- Date: Tue May 18 16:16:58 2004
Many thanks to everyone who replied to my query. Lot of great ideas I've got
to mull through here.
On Monday 17 May 2004 10:57 pm, Brian Keefer wrote:
> I've seen one site implement UUCP for exactly this reason, but I think
> the potential problems with a flaw in UUCP outweigh just using an SMTP
Seeing as how I've seen a number of folks suggest UUCP, and I'm dirt ignorant
on the subject, could you explain what the pitfalls are of using it?
> As long as you've locked down your firewall to only allow the mail
> gateway to open a connection through to your trusted net on port 25
> (i.e. no other DMZ hosts are allow through in this manner) that's about
> as good as you can do.
> Look at it this way, what are you protecting against?
Nothing specifically. Just the notion of allowing any kind of request to come
from the DMZ into the secure network didn't seem right. In an ideal setup
nothing should be allowed to make a request to the internal network. At
least that's been my thinking on the matter.
> If you're
> protecting against mail being sent in, well clearly that will happen
> either way. If you're protecting against an attacker that would hijack
> the DMZ host and try to attack your internal machine via port 25, well
> yes it will stop that, but if the attacker manages to hijack the machine
> they're going to be able to do a lot worse things (snoop on all your
> mail, possibly capture passwords, etc).
> Really, the possibility that an attack would be able to make a
> successful attack using only port 25 of your internal host is very
> remote, and the possibility that they couldn't do anything else
> malicious even though they had hijacked a host is even more remote.
> Make sure you're not over architecting your environment and introducing
> unnecessary complications for very minimal potential benefit.
I can fully appreciate your concern about over architecting this thing. As I
began researching this and kept seeing UUCP getting mentioned my arms went up
in the air. I hadn't imagined it was going to get this "clever" to spool up
mail in the DMZ then request it down into the secure network. Yet another
protocol was not the solution I was hoping for.
Right at the moment I'm pretty much set up as you suggest. The purpose of my
question was to see if I could lock things down a bit tighter.
"In theory, there is no difference between theory and practice.
In practice, there is."
- Yogi Berra
Visit your host, monkey.org