Javær wrote:
> hi all,
> i have squid 2.5 set up as a reverse proxy for our mail servers (to
> avoid having to expose our mailservers to the outside world). squid is
> acting only as a reverse proxy (accelerator), and I have
> httpd_accel_with_proxy set to off.
>
> does anyone have any advice or tips for creating the ACL's so that I
> can avoid having our squid be used as an open proxy?
>
> thanks so much!
acl mailhosts dstdomain .my.webmailserver.com # Could use a "dst" acl
with the IP address
acl mailhostPort port 80 # Assuming standard HTTP port here...
http_access allow mailhosts mailhostPort # Allow anyone to connect to
*.my.webmailserver.com on port 80
http_access deny all # Deny anything else
Additional rules needed to allow SSL connections.
Chris
Received on Fri Oct 27 2006 - 13:51:10 MDT
This archive was generated by hypermail pre-2.1.9 : Wed Nov 01 2006 - 12:00:05 MST