[protecting my internal mail server] Is Squid-reverse the right choice?
In my small company we are installing an internal mail server (kerio connect) which offers, among other things, a web interface. Our internet provider handles our domain emails included and it forwards us everything via smtp . For the outgoing messages, kerio connect sends'em out directly acting as a smtp server (no smtp relay) . We have of course a static IP and reverse dns is set correctly. My idea now is obviously to provide e-mail external access through the web interface but I don't like the idea of having a host on the LAN and reaching it using port forward (80 or 443). A collegue told me about a solution called reverse proxy and I noticed that pfsense supports it with a specific package so I'm here to ask how you would manage this task in the most secure way you can think of.
thanks in advance.
marcelloc last edited by
The most secure will be apache + mod_security.
Some protocol checks as well caching can be done with varnish.
I have no idea about security checks on squid-reverse.