[K12OSN] Student email
jim at winonacotter.org
Thu Dec 9 00:59:32 UTC 2004
I think a simple solution would be to setup a standard email server (any
type of setup, I like Postfix with OpenWebmail). Then decide what type of
access you want. I like webmail for offsite and clients for LAN access. So
for the Internet just don't setup any MX records, just a standard A record
for webmail access and block all ports to the internal IP other than 80
and/or 443. Then on your internal DNS server you can setup standard MX
records so that mail clients will work (unless you don't want them to).
Then nobody from outside your LAN will be able to find the server for
sending via SMTP. Of course your users would still be able to send to other
domains unless you block the server from sending via smtp at your firewall.
The following I think poses a better option: Postfix and other mail servers
have settings where you can enter in allowed domains that users are able to
send to. With Posfix you can simply check a radio button through webmin to
allow the domain to only recieve mail for the local machine only. You can
also easily enter allowed networks in Postfix for client access, only enter
the local LAN and the only people who can access the server externally are
those with a login for webmail. You can also modify the relay_domains
variable which controls what domains your users are allowed to relay to. A
quick scroll through main.cf (Postfix main config file) will quickly help
you understand what your options are.
Bottom line is Postfix gives you a ton of options for configuring who your
users can send to. If you would decide to go this way I have an excellent
link for a tutorial on setting up Postfix+SquirrelMail+SpamAssassin+ClamAV
(of course you wouldn't need SpamAssassin) on WBEL (should work easily for
any other RedHat base distro like Fedora).
This message has been scanned for viruses and
dangerous content by the Cotter Technology
Department, and is believed to be clean.
More information about the K12OSN