Hi Zimbra Gurus!
I'm hoping that someone can clarify a thing that is puzzling me about deploying Zimbra in my network, migrating away from an old SquirrelMail installation.
I have some fairly high security requirements on my installation, and the way Zimbra works seems to clash with my preconceptions.
In my mind, to achieve good security, you should:
* Never allow anyone on the internet to send traffic directly to an internal host on your *internal* network, no matter how encrypted.
(If an internal host is hacked, it has access to EVERYTHING)
* You always make sure that traffic enters your internal network through some kind of proxy/relay, located on your DMZ.
* The external hosts on the DMZ can therefore be compromised without allowing those hosts complete access to internal resources.
(A DMZ-hacked host will at least be a little restricted in what it can do toward the internal network)
* Also, you don't put important, sensitive data directly out on the DMZ.
BUT I can't see how I can implement the above rules with Zimbra?
Zimbra wants all the email to be stored locally on the Zimbra server; it can't be configured to actually just use IMAP to fetch the email, and maybe cache it in the database.
This seems to tell me that Zimbra must be my main mail server, with all user accounts, and because of that, I either have to:
* Allow all traffic directly from the internet to the Zimbra server.
* Put my Zimbra server, with all my users' email accounts, on the DMZ
What I *want* is a "zimbra-proxy" on the DMZ, and then keep all data on the inside.
I'd appreciate any comments/help you can offer on how I can satisfy my security requirements....
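As an added illustration of the three-zone policy the post lists (not part of the original post, and not Zimbra's own configuration), here is an nftables ruleset for the border firewall that sits between the internet, the DMZ and the internal LAN. The interface names (wan, dmz, lan), the addresses 203.0.113.10 (DMZ proxy) and 10.0.0.20 (internal mail store) and the port sets are all assumptions chosen for the example; the backend ports in particular are placeholders to be replaced with whatever the chosen proxy actually speaks to the store.

```nft
# Constructed example: border firewall policy for a DMZ mail proxy in front of an
# internal mail store. Interface names, addresses and ports are hypothetical.
#   wan -> the internet-facing interface
#   dmz -> 203.0.113.10 is the DMZ-hosted proxy (hypothetical address)
#   lan -> 10.0.0.20 is the internal mail store holding the mailboxes (hypothetical address)

table inet mail_dmz {
    chain forward {
        # Default deny: anything not explicitly allowed below is dropped.
        type filter hook forward priority 0; policy drop;

        # Return traffic for connections that an accept rule below already admitted.
        ct state established,related accept
        ct state invalid drop

        # Rule 1: the internet may only ever reach the DMZ proxy, and only on the
        # client-facing services it exposes (SMTP, HTTPS webmail, IMAPS). No rule
        # allows wan -> lan at all, so an internal host is never directly reachable.
        iifname "wan" oifname "dmz" ip daddr 203.0.113.10 \
            tcp dport { 25, 443, 993 } ct state new accept

        # Rule 2: the DMZ proxy may open connections to the internal store on the
        # backend ports only (placeholders). No other DMZ host may cross into the
        # LAN, and the proxy cannot reach any other internal address.
        iifname "dmz" oifname "lan" ip saddr 203.0.113.10 ip daddr 10.0.0.20 \
            tcp dport { 25, 443, 993 } ct state new accept

        # Rule 3: the internal store relays outbound mail through the DMZ proxy,
        # so the store itself never talks to the internet.
        iifname "lan" oifname "dmz" ip saddr 10.0.0.20 ip daddr 203.0.113.10 \
            tcp dport 25 ct state new accept

        # Anything else from the DMZ toward the LAN is logged before the default
        # drop, so a compromised DMZ host probing inward shows up in the logs.
        iifname "dmz" oifname "lan" log prefix "dmz-to-lan-denied: " drop
    }
}
```

Load it with `nft -f <file>` on the firewall host. The property this buys is the one the post asks for: the mailbox data lives only on 10.0.0.20, which is reachable from exactly one DMZ address on a handful of ports, so a compromised proxy is confined to those backend ports rather than having "access to EVERYTHING". One caveat a practitioner would weigh: if the DMZ proxy terminates TLS it handles user credentials in the clear, so the split limits what a compromised proxy can reach on the LAN, but it does not make the proxy itself low-value.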