> ...Internal systems are managed by NIS
> (the firewall is NOT an NIS client or server).
> I have two questions about this setup.
>
> (1) Must I have an internal DNS server in order to have the firewall
> function as a mail relayer to all three internal mail servers,
> or will a properly configured sendmail.cf on the firewall suffice?
> Does the Registered to Unregistered addresses pose a problem?
You SHOULD have an internal DNS server, if only on the "SMTP Mailhost" for
caching and to provide DNS service for the Macs, PC and Unix clients.
Are the quickmail and CCMail servers directly talking to the firewall, or
do they talk to the Unix mailhost, which would then talk to the firewall?
Are you planning not to run DNS anywhere but on the Firewall?
> (2a) I have read some articles describing iftp and itelnet. These appear to
> allow a user to ftp or telnet out to the Internet without having to have an
> account on the firewall. A telnet or ftp session is started by the firewall
> on behalf of the requesting user. Is there something similar (or the same) for
> the Macintosh and IBM compatible PC's?
Others will answer this, it's almost an FAQ.
> (2b) How can I run Mosaic from Unix, Mac and PC's transparently (as in 2a) to the
> user without having to provide an account on the firewall. Will the same
> mechanism from 2a provide this capability?
Proxified Mosaic. The current versions for the platforms support a
proxy server. The Mac version is not quite done. SOCKS is your friend.
This lets you use it for http and gopher but not telnet, if you set it
up so. There's a config line regarding proxying each service (X Resources,
in Unix). This can also let you telnet/ftp out through the firewall
transparently (provided your routes are setup right) while denying people
incoming connections.
chuck
|
|
