Page 1 of 2 12 LastLast
Results 1 to 10 of 15

Thread: Zimbra webmail, separate in a dmz server

  1. #1
    fjmarquez is offline Junior Member
    Join Date
    Jul 2011
    Posts
    8
    Rep Power
    3

    Default Zimbra webmail, separate in a dmz server

    Hi friends,

    I want configure the webmail part of zimbra on a server in DMZ, separate of all other components. The idea is keep the webmail component apart of all zimbra components, as currently I have squirrelmail.

    Does it possible?

    I have been reading the multi-server installation guide: http://www.zimbra.com/docs/ne/latest...on_Server.html

    but I don't find any relative to a webmail package.

    Regards

  2. #2
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,201
    Rep Power
    56

    Default

    Quote Originally Posted by fjmarquez View Post
    I want configure the webmail part of zimbra on a server in DMZ, separate of all other components. The idea is keep the webmail component apart of all zimbra components, as currently I have squirrelmail.

    Does it possible?
    The simple answer is, that's not possible.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    fjmarquez is offline Junior Member
    Join Date
    Jul 2011
    Posts
    8
    Rep Power
    3

    Default

    then, all my mails should be in DMZ for can offer an external webmail service? This is buggy from a security point of view....

  4. #4
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,201
    Rep Power
    56

    Default

    Quote Originally Posted by fjmarquez View Post
    then, all my mails should be in DMZ for can offer an external webmail service?
    Then don't put it in the DMZ.

    Quote Originally Posted by fjmarquez View Post
    This is buggy from a security point of view....
    No, it not - put the server in your LAN.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  5. #5
    fjmarquez is offline Junior Member
    Join Date
    Jul 2011
    Posts
    8
    Rep Power
    3

    Default

    Quote Originally Posted by phoenix View Post
    Then don't put it in the DMZ.

    No, it not - put the server in your LAN.
    If I do it, I'm allowing access from external sources directly to my LAN.

    The DMZ is designed for hosted services wich can be accessed from remote clients, as a webpage or as a webmail.

    If you put the webmail + mailstore in DMZ, you are storing the mails in a "non-secure" area.

    If you put the webmail + mailstore in LAN, you are allowing direct access from the world and your LAN, so If your server is compromised, the hacker has access to your internal network.

    The mails of users should not be in DMZ. And webmail should not be in LAN...

    ...

  6. #6
    andy204 is offline Senior Member
    Join Date
    Jul 2010
    Location
    Austria
    Posts
    59
    Rep Power
    4

    Default

    Quote Originally Posted by fjmarquez View Post
    Hi friends,

    I want configure the webmail part of zimbra on a server in DMZ, separate of all other components. The idea is keep the webmail component apart of all zimbra components, as currently I have squirrelmail.

    Does it possible?

    I have been reading the multi-server installation guide: http://www.zimbra.com/docs/ne/latest...on_Server.html

    but I don't find any relative to a webmail package.

    Regards
    Quote Originally Posted by phoenix View Post
    The simple answer is, that's not possible.
    you can use squirrelmail if you do a setup like this:

    squirrelmail -> mailproxy (e.g. perdition) -> zimbra store

    if you have multiple backends you need some database / ldap where the mailhost of the user is stored.

    kind regards

    -andy

  7. #7
    fjmarquez is offline Junior Member
    Join Date
    Jul 2011
    Posts
    8
    Rep Power
    3

    Default

    Quote Originally Posted by andy204 View Post
    you can use squirrelmail if you do a setup like this:

    squirrelmail -> mailproxy (e.g. perdition) -> zimbra store

    if you have multiple backends you need some database / ldap where the mailhost of the user is stored.

    kind regards

    -andy
    I want replace squirrelmail, I don't want continue using it, but I don't understand why, an enterprise-level mail system as zimbra doesn't allow this configuration itself.

  8. #8
    andy204 is offline Senior Member
    Join Date
    Jul 2010
    Location
    Austria
    Posts
    59
    Rep Power
    4

    Default

    humm, you are using OSE or NE edition?

    if you are using NE then why should that not be possible?

  9. #9
    fjmarquez is offline Junior Member
    Join Date
    Jul 2011
    Posts
    8
    Rep Power
    3

    Default

    Quote Originally Posted by andy204 View Post
    humm, you are using OSE or NE edition?

    if you are using NE then why should that not be possible?
    You are saying that is not posible.... I've been reading the doc for multi-server installation and I don't found reference to a webmail component, so I don't know how can I separate the webmail from mailstore.

    My idea is:

    DMZ: MTA + webmail

    LAN/BACKEND: Mailstore and all other components

  10. #10
    andy204 is offline Senior Member
    Join Date
    Jul 2010
    Location
    Austria
    Posts
    59
    Rep Power
    4

    Default

    ah, now i understand.. you want the the complete webmail component on an external server, not just the proxy?

    sorry, was a misunderstanding.

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. ZCS7 Beta only Listens on IPv6
    By tobru in forum Installation
    Replies: 2
    Last Post: 03-25-2011, 03:31 AM
  2. Issues after upgrading from 6.0.10 to 7
    By rhorist in forum Administrators
    Replies: 8
    Last Post: 02-25-2011, 08:38 AM
  3. fatal: parameter "smtpd_recipient_restrictions"
    By Robin in forum Administrators
    Replies: 8
    Last Post: 12-22-2010, 05:48 AM
  4. Replies: 31
    Last Post: 12-15-2007, 09:05 PM
  5. 4.5 Upgrade failure
    By brained in forum Installation
    Replies: 9
    Last Post: 03-03-2007, 03:30 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •