Results 1 to 4 of 4

Thread: imap/imaps reverse proxy from DMZ to LAN

  1. #1
    jimmyk is offline Active Member
    Join Date
    Feb 2011
    Posts
    25
    Rep Power
    4

    Default imap/imaps reverse proxy from DMZ to LAN

    I am currently using the EPEL Nginx package on a Centos 5.8 server to reverse proxy https connections from my DMZ to my internal LAN for external Zimbra webmail access. I would now like reverse proxy external imap/imaps connections from my DMZ to my internal LAN as well.

    Using Nginx again to try and reverse proxy the imap/imaps connections looks like it will suck some time to works out. Therefore, what other options are available to do this?

    Will Perdition or Dovecot reverse proxy an imap connection to a standalone Zimbra mail server?

    Has anyone else done this or does anyone have any advice they could offer on the best method of doing this?

  2. #2
    jimmyk is offline Active Member
    Join Date
    Feb 2011
    Posts
    25
    Rep Power
    4

    Default

    I have realised that an smtp proxy will also be required to authenticate mail clients to send mail!

    Nginx looks like it may be capable of this, but I am not sure about any other options. Does anyone have any suggestions for an smtp proxy to authenticate external mail clients with Zimbra, as well as the above?

  3. #3
    justdave is offline Trained Alumni
    Join Date
    Nov 2008
    Location
    Grand Rapids, MI
    Posts
    123
    Rep Power
    6

    Default

    If you're not worried about authenticating people right at the proxy (you're willing to let Zimbra do the authenticating) then you can probably accomplish this a the iptables level on the server with a port forward/masquerade. What gets tricky here is the Zimbra server needs to be set up to default route back to your proxy (and a static route set up for your local network on the Zimbra server).

    nginx should be capable of it, however... Zimbra actually uses nginx under the hood in the zimbra-proxy package. However, as Zimbra ships their own version of nginx, it's likely modified.

    What you might look into doing is installing zimbra-core and zimbra-proxy on your DMZ server, and let Zimbra manage the proxy (unless you have other things you need to do within nginx besides Zimbra).

  4. #4
    jimmyk is offline Active Member
    Join Date
    Feb 2011
    Posts
    25
    Rep Power
    4

    Default

    I had been starting to think that Zimbra on my DMZ server might be the easiest solution. However, my DMZ server for proxying external client connections is only a 512MB xen vm and my suspicion is that I will not handle a partial Zimbra install (but I may be wrong). Currently it runs nginx just for external Zimbra desktop connections and mobile phone web access. Is it possible that Zimbra-core and Zimbra-proxy run on a small vm server of this size?

    Ideally I would also like to be able to use yum to update packages on the DMZ server, so I have been trying to look at Centos base or epel/rpmforge packages, in the first instance.

    Authenticating people at the DMZ server would also be my preference, but I am not sure just how much additional effort this will involve.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. reverse proxy not working
    By malayo in forum Administrators
    Replies: 2
    Last Post: 04-06-2012, 11:36 AM
  2. Active Sync Via Reverse Proxy
    By tbovingdon in forum Mobility
    Replies: 1
    Last Post: 11-23-2011, 06:46 AM
  3. DMZ reverse proxy to LAN zimbra
    By jimmyk in forum Administrators
    Replies: 8
    Last Post: 05-11-2011, 06:10 PM
  4. reverse proxy zimbra
    By ojehle in forum Administrators
    Replies: 3
    Last Post: 03-13-2006, 10:48 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •