在 2010-02-08一的 22:14 -0300,Alejandro Facultad写道:
> Dear all, I have a webmail which must be accesed by users from another
> network.
>
>
> The content of the webmail is not static obviously, so the content caching
> is not an advantage here. Also the webmail is just one server, not load
> balancing is important here.
>
>
> So are there any security advantage of using a Squid as a reverse proxy in
> front of my webmail ??? Because I can't see any security benefit...
At some points you can consider Squid as an application firewall, and
setup some rules like:
acl badip src 192.168.0.100
http_access deny badip
acl badsite referer_regex -i qq.com
http_access deny badsite
acl badconn maxconn 20
http_access deny badconn
acl badbrow browser -i Sosospider
http_access deny badbrow
Those may help improve some security,but it depends...
Squid is just a cache, if you don't need the cache feature, you may not
want to use it.
-- Jeff Peng Email: jeffpeng_at_netzero.net Skype: compupersonReceived on Tue Feb 09 2010 - 03:16:34 MST
This archive was generated by hypermail 2.2.0 : Tue Feb 09 2010 - 12:00:04 MST