I have a customer who wishes to install a NNTP server. It is likely
that they will host internal newsgroups that will need to be protected.
The internal network is in the address range reserved for private
internetworks. They are using SOCKS for access from the internal
network to the Internet. Traffic to the DMZ is limited to ftp, http,
dns, smtp and ntp.
With that in mind is it possible to put the NNTP server on the inside
and still get a feed from an upstream provider? This solution would
eliminate the need for SOCKSified nntp clients.
Or should the NNTP server be placed in the DMZ with a registered IP and
FQDN and the clients access it via SOCKS?
I have a hunch that perhaps NAT would provide an even better solution?