HCLSoftware Digital Solutions Community

Domino server in DMZ without mailfiles (how to redirect)

HCL Domino Domino Forum

hcl-bot October 3, 2008, 6:53am 1

Hi,

We have a domino server in the DMZ zone.

and we have several mail servers in our LAN

The mailfiles resides on the internal servers (LAN), there are no replica’s in de dmz zone.

Is it possible to access the mailfiles by using the WEBMAIL(inotes) client and redirect or passthru?

How do we have to set this up?

Thanks

Vanessa

hcl-bot October 3, 2008, 8:42am 2

Subject: Domino server in DMZ without mailfiles (how to redirect)

I’ve asked this question directly of lotus support over the years and the answer is no…

hcl-bot October 5, 2008, 1:09pm 3

Subject: RE: Domino server in DMZ without mailfiles (how to redirect)

are there other possibilities?reverse proxy f.e.?

Thx

Vanessa

hcl-bot October 6, 2008, 7:47am 4

Subject: RE: Domino server in DMZ without mailfiles (how to redirect)

None that I’m aware of…

sorry…

hcl-bot October 8, 2008, 8:40am 5

Subject: RE: Domino server in DMZ without mailfiles (how to redirect)

Of course you can set up a reverse proxy in the DMZ, that can access the internal Domino web servers. It just can’t be a Domino server. You’d need to use Apache or some commercial proxy server product for this functionality.

/Peter

hcl-bot October 10, 2008, 10:49am 6

Subject: RE: Domino server in DMZ without mailfiles (how to redirect)

Peter…so you would setup a proxy connect to your main internal Domino server for authentication and it would then redirect the user to the appropriate “spoke” domino server?

I have asked this question before of Lotus and they never mentioned a proxy server…

hcl-bot October 13, 2008, 2:20pm 7

Subject: RE: Domino server in DMZ without mailfiles (how to redirect)

Actually, what I would do is replicate all needed mail files to the DMZ server.

It should be possible to use a reverse web proxy server though, but I haven’t tried it. It might depend on how many internal Domino servers there are. Security will have to be set up as if the Domino servers would be directly internet facing. One reverse proxy server can proxy for several web servers behind it. Different servers could be set up as different paths on the proxy server.

www.proxy.com/maila/* → domino1.internat.net/mail/*

www.proxy.com/mailb/* → domino2.internat.net/mail/*

www.proxy.com/mailc/* → domino3.internat.net/mail/*

I don’t know how it would work with the mail template though. It could break it. It would have to be tested first.

/Peter