On Feb 5, Eric Kahklen
Do you know of any good books on Squid 3.0? or any docs out there that explain how to do this? I can send you my config file by private mail.
Setting up SSL is new to me in general so I want to make sure I can get a decent understanding of how Squid would work in this situation. I use tinyca (a gtk-perl application for Linux with GUI) for creating certificates. It's really easy with that :-)
Would the SSL session just get transparently forwarded to the Exchange box? or would there have to be some sort of authentication on the SuSE box for Squid to let it through? No, because that would make everything senseless. Squid terminates the SSL connection to the client and talks in cleartext to the Exchange box. Squid does some sanity checking on the URLs to prevent "bad" commands from reaching the Exchange server. In fact, I'd recommend to enable IMAP on the exchange box and use something like Horde/IMP webmail and NOT IIS/OWA. Apart from the calendar, everything works fine (even the address book over LDAP!). Our users have had more complaints about OWA web interface (especially when using Internet Explorer(!)) than with Horde :)
To get imap running smoothly, there is an option on the exchange server that you should enable for the, because it slows down mailbox listing a lot (it's something about "calculate exact size for each mail"). But, as someone else suggested, if there is ANY way to prevent using MS Exchange, DO IT!! It's just a pain in the ass ... Our server doesn't even start without manual intervention because the antivirus services (mcafee) are not ready when started as service, so exchange can't start automatically. Virus scanning is also done on the relay servers, which I would also recommend to you (as well as spam checking with spamassassin), especially in an outlook/exchange environment ... Markus -- __________________ /"\ Markus Gaugusch \ / ASCII Ribbon Campaign markus(at)gaugusch.at X Against HTML Mail / \