Proxy Demo

I'm sorry, I just don't understand what you're asking for.

Messaging Server has two pieces that we sometimes call, "proxy".

MMP: Messaging Multiplexor. This proxies IMAP and POP connections. It should not be used for SMTP proxy, unless you intend to support "POP before SMTP", and old way to authenticate, hardly used anymore.

MEM: Messaging Express Multiplexor. This proxies webmail.

Neither require Schema 1 or Schema 2. Schema 2 requires you to install Access Manager, someplace.

You may want to install a Directory replica on the multiplexor box, but it's not a requirement. You do not have to install Access Manager on that box. You do not have to install a standard web server on that box.

jay_plesset at 2007-7-7 12:00:46 >

> Sorry Jay,

>

> My english is as good as my JES knowledge

>

> I need a full proxy. I mean proxy for: IMAP, SMTP and

> communication express.

MMP for IMAP.

MEM for webmail/CE

>

> SMTP: I do this with an SMTP proxy from trend micro

> (with antispam and antivirus).

Very Bad Idea.

Install our MTA for that. Use the "aliasdetourhost" to loop messages to your Trend setup. Exposing Trend to the internet is not good. It can't tell if the message is addressed to a real user or not. Recipe for a DOS attack. There are many other reasons not to expose this device to the internet.

Trend (and the other scanner folks) build great scanners, but they are not experienced in building great SMTP servers. We don't do scanners, but we do build a great MTA.

>

> IMAP: I try MMP and it works.

>

> Communication express: This is my question.

>

> MMP only act as proxy for mail or calendar to?

Our UWC, also known as "communication express" runs on a web server. It would normally sit behind a standard web proxy, set up as a "reverse proxy", and communicate to the MEM on that same box. I realize this is starting to get complex, but, until we get the next version out, it's going to be complex.

>

> How I will install MMP?

You have already installed MMP, if you proxy IMAP.

>

> Thanks

jay_plesset at 2007-7-7 12:00:46 >

<snip>

> > to the internet is not good. It can't tell if the

> > message is addressed to a real user or not.

> Recipe

> for a DOS attack. There are many other reasons not

> to

> expose this device to the internet.

>

> Trend (and the other scanner folks) build great

> scanners, but they are not experienced in building

> great SMTP servers. We don't do scanners, but we

> do

> build a great MTA.

>

>

> Uhmmm, I have to test. It seems better but add more

> dificulty.

Yes, it's slightly more difficult, but it's a lot better, especially if you have more than just a few users on your system.

I run a small system. I reject at connection time, all messages addressed to anybody other than my actual users. That's on the order of 90% of what comes my way.Imagine how much additional cpu,memory and disk I'd need to process all that, and send back DSN for each bad address. Imagine how many users outside my system would be unhappy getting blowback from messages with forged "from" addresses.

It's very important to only accept messages for users that you actually service. It's not just 'good practice', it's truly important, now.

Trend accepts anything you offer it.You need to insulate it from having to do that.

>

> >

> > IMAP: I try MMP and it works.

> >

> > Communication express: This is my question.

> >

> > MMP only act as proxy for mail or calendar to?

>

> Our UWC, also known as "communication express" runs

> on a web server. It would normally sit behind a

> standard web proxy, set up as a "reverse proxy",

> and

> communicate to the MEM on that same box. I realize

> this is starting to get complex, but, until we get

> the next version out, it's going to be complex.

>

>

> I don't understand this part.

>

> I have to install an standard web proxy and MEM? So

> the final picture is a server with:

>

> MMP (Imap)

> MEM (web mail proxy typical 8080 port)

> Apache proxy (port 80 redirect to internal UWC ?)

It truly depends on what you're setting up.

If you want to use UWC, AND you have more than one store backend, then you need

the web server container with UWC installed on it.

MEM

You already need MMP for imap.

I think you need the MTA.

You may or may not have all this on one box. Big systems have it on many boxes.

None of us that regularly contribute to this forum are truly expert in architecting large systems. It might help us to help you if you gave us some idea of the scale of what you're trying to do.

>

> 'm so confused about that...

>

> Do you now when 2006qX have to be released?

I can't tell, exactly. It's due out sometime after the first of the year, subject to delays. It's in beta, now.

>

> >

> > >

> > > How I will install MMP?

> >

> > You have already installed MMP, if you proxy IMAP.

> >

>

> My mistake, I was talking about MEM

Yes, as I said abov e, you'll likely need MEM.

>

>

> >

> > Thanks

jay_plesset at 2007-7-7 12:00:46 >