Hello, if your global goal is the security, it's a good way, to split your mail system: 1. SMTPD (Store and Proxy Mail forwarder) placed in the DMZ, without any other systems on it. but with the possibility to send trough the second firewall SMTP to the real Mail-Server. 2. The real Mailserver (I think, that sendmail is good choice) is configured only to recieve from and send to the SMTPD. Looking out for your wishes (POP3, IMAP, Web-based interface) you can install SuSE's IMAP Server on the real Mailserver. 3. To allow remote secure access to the Systems the best way is to install a VPN. If you want restict different Services for different Users you can use SecGo Solutions Crypto IP Server but it's running only on NT. There will be Linux Clients to the Crypto IP Server soon. mit freundlichen Gruessen, Oliver Grube --------------------------------------------- --IT-Secure - Mit Sicherheit gute Lösungen.-- --------------------------------------------- Security Support * oliver.grube@it-secure.de +49 2161 6897-180 * http://www.it-secure.de