Results 1 to 4 of 4

Thread: To Proxy or Not To Proxy?

  1. #1
    nimble7 is offline New Member
    Join Date
    Nov 2010
    Posts
    3
    Rep Power
    4

    Default To Proxy or Not To Proxy?

    I have my Zimbra server up and running and I LOVE IT. The webmail access does everything I could ever ask for and more.

    While the documentation does a good job in walking through setup, I'm looking for resources on how to protect my data on the box. Should I set up a proxy for it? (The box is currently in my DMZ). Is that a bad spot for it? Besides a firewall, what else should I consider?

    What's a good place for me to start learning how to secure this box?

    Thanks!

  2. #2
    Krishopper is offline Dedicated Member
    Join Date
    Dec 2006
    Location
    Minneapolis MN
    Posts
    777
    Rep Power
    9

    Default

    The first place to protect it would definitely be the firewall.

    The proxy service has had issues with http/https in the past, and always hasn't been the most recommended way to do things, but it does work. You could install MTA's and Proxy (web/pop3/imap) in the DMZ, and keep the Zimbra mailbox and directory servers in the private region of your network. I'm not sure how many servers you have to work with, or what your security requirements are (for example, if you have to deal with audits). But typically just getting a firewall set up is usually enough.
    01 Networks, LLC / Cybernetik.net
    Zimbra NE and OSS Cloud Hosting
    Shared Web Hosting
    Consulting Services

  3. #3
    nimble7 is offline New Member
    Join Date
    Nov 2010
    Posts
    3
    Rep Power
    4

    Default

    Thanks Krishopper. I'm a guest on a corporate network, but I'm the only user and the only mail account on the box. I don't have to worry about audits, but I definitely need to protect the data.

    Their firewall blocks everything but 25, 443, 587, and 993. I Iptables off everything except for 25 so that I can only access them from trusted IPs. (There are certainly advantages of being the only user on the box)

    I'm curious what added benefit a proxy would have. Also, I'm denying traffic from other boxes in the DMZ, so is there an advantage to putting a proxy in place and moving my mail server back in to the private network?

    Thanks!

  4. #4
    Krishopper is offline Dedicated Member
    Join Date
    Dec 2006
    Location
    Minneapolis MN
    Posts
    777
    Rep Power
    9

    Default

    The benefit of the proxy is that it will proxy POP/IMAP traffic to the proper mailbox host, so you can move mailboxes around (more of a network-edition feature) and you don't have to always change around the hostnames which people connect to.
    01 Networks, LLC / Cybernetik.net
    Zimbra NE and OSS Cloud Hosting
    Shared Web Hosting
    Consulting Services

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Multi server proxy problems
    By rabettle in forum Administrators
    Replies: 1
    Last Post: 06-10-2011, 11:37 PM
  2. Imap Proxy - Help
    By thiagotgc in forum Installation
    Replies: 5
    Last Post: 06-02-2011, 04:30 PM
  3. Replies: 3
    Last Post: 03-20-2008, 02:50 AM
  4. Replies: 1
    Last Post: 01-02-2008, 09:31 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •