Quoting "sato x" <gladiol4@gmail.com>:
> Is it reliable to place the LDAP server in a local area network,
> since my mail server located in our DMZ?
Isn't that against the whole point of a firewall!? Refuse access FROM the
external/DMZ to the local network, but ALLOW (in rare cases) FROM the local
network TO the external/DMZ?
> For a number of 300 users, will the (linux) firewall (with 100MB ethernet
> card) cope with the traffic from the mail server?
I'd say EASILY!! But on the other hand, if those 300 users get ten thousand
mail per hour, with big attachement, then I'd guess the answer is NO WAY! :)
It's just a matter how SIZE, not AMOUNT... Count yourself. On a 100MB ethernet
(which I asume is actuall 100Mb - MB is for MegaBytes and Mb is for MegaBits)
you can send 10MB (MegaByte) / second (in VERY good conditions - six/seven is
probably more resonable)... Do you send that much data TODAY? How much data
do you send today (when you know this, deduct that from seven and you know how
much is left for the mail traffic).
This is just rough numbers, but it will give you an idea on how to proceed
if you must be ABSOLUTLY SURE...
> I mean, all the authentication traffic from mail server to LDAP server.
That's also a couple of bytes (you'll have to measure that as well) for each
mail - can't remember how many queries Qmail-LDAP does per mail, but it's a
couple...
--
Nazi toluene SEAL Team 6 Treasury North Korea security Ft. Bragg
nuclear Soviet attack Saddam Hussein DES congress CIA plutonium
[See http://www.aclu.org/echelonwatch/index.html for more about this]
[Or http://www.europarl.eu.int/tempcom/echelon/pdf/rapport_echelon_en.pdf]
If neither of these works, try http://www.aclu.org and search for echelon.
Note. This is a real, not fiction.
http://www.theregister.co.uk/2001/09/06/eu_releases_echelon_spying_report/
http://www.aclu.org/safefree/nsaspying/23989res20060131.html#echelon
|