On 2009-10-04 Sahil Tandon wrote: > On Sun, 04 Oct 2009, Ansgar Wiechers wrote: >> On 2009-10-04 mouss wrote: >> >>> anyway, it is ok to relay mail from the DMZ to the LAN. >> >> No. > > Why?
Because violating the DMZ is never okay without a Damn Good Reason(tm). That's firewalling 101. If you allow inbound connections from untrusted to trusted networks, there's no point in having a DMZ in the first place. Regards Ansgar Wiechers -- "Abstractions save us time working, but they don't save us time learning." --Joel Spolsky
