Hi,
i am working with the efa since yesterday - playing around
What i realy need ist the following setup:
internet <=> email encryption gateway <=> EFA <=> exchange <=> email client
I played around with the Domain Relay, the Postfix Transport Settings and so on. I am able to configure the EFA so i takes Mails from Exchange Server and sent them to den encryption GW, but can´t configure it the same way it will recieve Mails from the Encryption GW.
An other try i played around with the above settings and changed ip adresses so it takes Mails from the Encryption GW, but cant´t sent them to Exchange
Bevore i get to detailed i just want to ask if someone already has a working config for this scenario? If necessary i can post detailed what i did and what was the failure, step by step.
Thank you in advance,
Chris
Internet <-> Encryption Gateway <-> EFA <-> Exchange -> How to set up? [FIXED]
-
- Posts: 2
- Joined: 28 Sep 2018 11:24
Internet <-> Encryption Gateway <-> EFA <-> Exchange -> How to set up? [FIXED]
Last edited by Theresienklinik on 02 Oct 2018 16:53, edited 1 time in total.
Re: Internet <-> Encryption Gateway <-> EFA <-> Exchange -> How to set up?
What is the purpose of the Encryption Gatway? To send mail out encrypted using PKI (like PGP), or send a web messenger link if PKI is not avilable and decrypt the replies?
I would recommend the inbound mail flow
Internet >>> EFA >>> Encryption GW >> Exchange, EFA is be better placed the protect you from internet attacks, DMARC, DKIM, SPF, Greylisting,RBL' etc.
Outbound I would configure Exchange >> Encryption GW >> Internet
I would recommend the inbound mail flow
Internet >>> EFA >>> Encryption GW >> Exchange, EFA is be better placed the protect you from internet attacks, DMARC, DKIM, SPF, Greylisting,RBL' etc.
Outbound I would configure Exchange >> Encryption GW >> Internet
-
- Posts: 2
- Joined: 28 Sep 2018 11:24
Re: Internet <-> Encryption Gateway <-> EFA <-> Exchange -> How to set up?
Hi thewomble,
first of all thank you for the reply.
We, as a hospital, are handling very sensitive data. Facing the german law we installed TLS and End2End Encryption (PGP and S/MIME) in our environment. Since efa is not able to handle encrypted mails, i have to place efa behind ciphermail MTA.
Today i figured out the correct settings
Logged into Webmin:
Postfix, Transport:
maildomain.de -> smtp:[mailserverip] (Exchange)
Postfix, Setting:
Local Networks: ipadreessofciphermail (Encryption Gateway)
I am not shure if adding the ip´s of both servers (ciphermail & exchange) into the hostfile did the final trick: but as i switched ciphermail to transport all mail traffic to efa bevore, i got error in ciphermail like "454 Relay access denied" and "450 4.7.1 Client host rejected: cannot find your reverse hostname".
Now, everything works fine and very well
Thank you!
first of all thank you for the reply.
We, as a hospital, are handling very sensitive data. Facing the german law we installed TLS and End2End Encryption (PGP and S/MIME) in our environment. Since efa is not able to handle encrypted mails, i have to place efa behind ciphermail MTA.
Today i figured out the correct settings
Logged into Webmin:
Postfix, Transport:
maildomain.de -> smtp:[mailserverip] (Exchange)
Postfix, Setting:
Local Networks: ipadreessofciphermail (Encryption Gateway)
I am not shure if adding the ip´s of both servers (ciphermail & exchange) into the hostfile did the final trick: but as i switched ciphermail to transport all mail traffic to efa bevore, i got error in ciphermail like "454 Relay access denied" and "450 4.7.1 Client host rejected: cannot find your reverse hostname".
Now, everything works fine and very well
Thank you!