sgrover at open2space.com
Sat May 27 20:50:43 PDT 2006
On Saturday 27 May 2006 20:40, Jesse Kline wrote:
> I'm working on a kolab installation here, and I have a couple questions.
> First of all, it seems to setup a number of different services (https,
> pop3, smtp, imap, ldap, etc.), and I cannot find any documentation as to
> what ports I should open on my firewall to allow all the services to
> run. I'm also not sure if the kolab install configured iptables at all
> so that I could run it in a dmz. My second question is about a web
> interface. The kolab website says that the horde interface is
> experimental, has anyone tried it? I was thinking of running another OS
> in a VM and either installing horde to connect to the Kolab imap server,
> or the horde web interface for Kolab, although I'm not sure if this can
> run on a separate machine or not.
:) You REALLY should have been at the Kolab/Horde workshop... :)
Check the CLUG website, where you can find some notes from that workshop on
setting up Horde with Kolab. Or you can check my notes at
http://grover.open2space.com/node/6. I also have a post on my site about
setting up Kolab to better handle spam -
The ports in question are all the standard ports. Check /etc/services to
match up the names to the port numbers. As for opening your firewall, open
the ones you need. Probably just smtp, pop3/pop3s, and IMAP/IMAPS (I'd
recommend using the corresponding secure ports).
Your mail server is an end point. iptables is not needed. As long as the
network can direct traffic on the appropriate ports to that box, everything
will work - regardless of whether the box is in a DMZ or not. On the
otherhand, if you are putting Kolab on the box acting as the router, then
yes, you'll need to take care of iptables but that has nothing to do with
setting up Kolab.
As for mail relay, Kolab allows relay for authenticated users. I'm not sure
if you can disable this without affecting some core email functionality. You
COULD stop the relaying by blocking port 25, but then Kolab won't receive any
mail messages. (don't do that). I think this issue is in the realms of
"recommended policy", but the tech perspective is kinda iffy.... Or I need
more sleep - not shure which yet.
The experimental portions of Horde are the Kolab integration features. i.e
storing contact details in Kolab's LDAP database, and similar. With regards
to simply getting your mail, treat Kolab as an IMAP server and you're done.
It IS possible to put Horde on the same box as Kolab, but you'll have to jump
through a few more hoops.
More information about the clug-talk