Secure—Basic Architecture

This architecture (FIGURE 3-4) continues to build upon the typical architecture, adding the proxy servers for user access (that is, IMAP or POP).

Figure 3-4. Proxy Configuration With SMTP Relays and Firewall


The addition of these proxy servers extends the protocols through the firewall securely. Users must first authenticate to the proxy servers; their sessions are then proxied to the messaging server and only the messaging server.

Note

This configuration does not address all aspects of messaging security such as SSL, Secure Multipurpose Internet Mail Extensions (SMIME), or encrypted file system. Some of these methods are discussed in more detail later in this book. This architecture only addresses the physical and basic network layout.


Adding the proxy servers for IMAP, POP, and web mail:

  • Extends the messaging server externally without requiring a virtual private network (VPN).

  • Reduces routing workload for messaging— Some of the routing workload is off-loaded, so messages destined for other mail servers, internal or external, do not pass through the main messaging server.

  • Provides duplicate MMP and MEM servers, which add redundancy— Redundancy for this type of server can be achieved with round-robin DNS or a network-based load balancer.

  • Isolates the messaging server from direct Internet access— Many hackers are well aware of exploits via SMTP and use the SMTP protocol to break into people's networks or systems. Placing a firewall between the Internet and the mail server adds a layer of security. By no means is this 100 percent secure, but it does add some security.

  • Off-loads antivirus scanning from the messaging system— Antivirus scanners such as Sophos Sweep or Symantec for UNIX can be loaded and integrated with the MTA of the Messaging Server.

The main drawbacks of this configuration are:

  • Added server requirements— The need to manage more physical servers adds more workload for the system administrator.

  • Need to maintain two MTAs— The need to edit and maintain both MTAs and keep the configurations synchronized with one another adds some complexity.

  • Additional firewall configuration required— Due to all the ports and servers, the firewall must be configured appropriately.

  • Little, if any, redundancy— Since there is only one messaging system, there is little or no redundancy beyond what the single system itself provides (that is, RAID storage or redundant power supplies). If one of the MTAs fails, messages still queue for delivery on the MTAs (for users) and outgoing messages are still sent to the Internet, but no users will be able to read email. Web mail users will have no service at all.
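The "additional firewall configuration" drawback is easiest to reason about when the intended flows are written down and checked. The following model, added here as an example and not part of the book, expresses the layout above as a first-match ruleset (Internet reaches only the MMP, MEM and relay MTA; each proxy reaches only the messaging server) and flags a broad rule that quietly exposes the messaging server. Host names, zone names and the rule tables are constructed for the example.

```python
# Firewall-policy model for the proxy layout above.  Host names, zones and
# the rule tables are constructed for this example.
from dataclasses import dataclass
from typing import List, Optional, Tuple

SMTP, HTTP, POP, IMAP = 25, 80, 110, 143

@dataclass(frozen=True)
class Rule:
    src: str             # zone or host name ("any" matches everything)
    dst: str
    port: Optional[int]  # None matches any port
    allow: bool

def evaluate(rules: List[Rule], src: str, dst: str, port: int) -> bool:
    """First-match evaluation with an implicit final deny."""
    for r in rules:
        if r.src in (src, "any") and r.dst in (dst, "any") and r.port in (port, None):
            return r.allow
    return False

# Ruleset implementing the architecture: MMP proxies IMAP/POP, MEM proxies web mail,
# the relay MTA handles SMTP in both directions.
PROXY_POLICY = [
    Rule("internet", "mmp", IMAP, True),
    Rule("internet", "mmp", POP, True),
    Rule("internet", "mem", HTTP, True),
    Rule("internet", "relay-mta", SMTP, True),
    Rule("mmp", "messaging", IMAP, True),
    Rule("mmp", "messaging", POP, True),
    Rule("mem", "messaging", HTTP, True),
    Rule("relay-mta", "messaging", SMTP, True),
    Rule("messaging", "relay-mta", SMTP, True),
]

# A tempting shortcut that "just makes mail work": one broad allow placed first.
WEAK_POLICY = [Rule("internet", "any", None, True)] + PROXY_POLICY

def violations(rules: List[Rule]) -> List[Tuple[str, str, int]]:
    """Flows whose outcome contradicts the isolation goals of this layout."""
    expected = [("internet", "mmp", IMAP, True), ("internet", "mem", HTTP, True),
                ("mmp", "messaging", IMAP, True), ("mmp", "messaging", POP, True)]
    # The messaging server must never be reachable from the Internet directly.
    expected += [("internet", "messaging", p, False) for p in (SMTP, HTTP, POP, IMAP)]
    # Proxies talk to the messaging server and only the messaging server
    # ("intranet-db" is a constructed stand-in for any other internal host).
    expected += [("mmp", "intranet-db", IMAP, False), ("mem", "intranet-db", HTTP, False)]
    return [(s, d, p) for s, d, p, ok in expected if evaluate(rules, s, d, p) != ok]
```

Running `violations(WEAK_POLICY)` lists the four direct Internet-to-messaging-server flows that the broad rule opened, while `PROXY_POLICY` yields none.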
