postfix-users October 2010 archive
Main Archive Page > Month Archives  > postfix-users archives
postfix-users: Re: Encrypt messages between 2 servers

Re: Encrypt messages between 2 servers

From: Jerrale G <jerralegayle_at_nospam>
Date: Tue Oct 26 2010 - 07:34:57 GMT
To: postfix-users@postfix.org

On 10/23/2010 4:20 PM, David Touzeau wrote:
> Yes i heard about VPN but in some cases in a big environnement you
> cannot play with networks and firewalls as you like.
> And there is a lot of remote sites to discuss, create VPN trought all
> theses remote sites is to complicated to maintain.
the same vpn connected to all nodes would be the perfect implementation
and, if you're able to open smtp 25, you're able to open a port for vpn
and vpn does traversal of anything good because a constant connection
flows, making no traffic unsolicited; at least one end of the node can
be opened to accept incoming vpn and the other can originate the connection.
>
> yes i need to find a plugin like djigzo but djigzo is too heavy
> product (postgrey, web server... ) that requires too much components
> to implement
>
>
> Le samedi 23 octobre 2010 à 11:00 -0500, Stan Hoeppner a écrit :
>> David Touzeau put forth on 10/23/2010 7:30 AM:
>> > Yes it for a company between remote sites trough internet that need to
>> > be sure that documents cannot be opened.
>> > i know pgp but there no informations how we can hook postfix or there is
>> > not such filter that should perform this operation.
>>
>> Why don't you simply setup a VPN tunnel between the sites? This is
>> exactly the scenario for which VPN technology was created:
>>
>> http://en.wikipedia.org/wiki/Virtual_private_network
>>
>> The two routers currently in place may already have VPN capability that
>> you can simply configure in a few minutes. If not, setup a couple of
>> Linux VPN gateways, one at each site. After that, simply create a host
>> file entry on each SMTP server with the FQDN of the other and its
>> RFC1918 address, so each sends SMTP to the other over the encrypted VPN
>> tunnel.
>>
>> VPN is not new--been around for 10 years or so, and they are _widely_
>> used. Have you never heard of a VPN?
>>
>

-- good luck! Jerrale G. SC Senior Admin