|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: Is this possible with postfix?
From: Parkhaev Vladimir (vladimir
teleglobe.ca)Date: Fri Mar 03 2000 - 17:17:20 CST
- Next message: Daniel Roesen: "Re: Is this possible with postfix?"
- Previous message: Wietse Venema: "Re: Some questions on postfix, SUMMARY"
- In reply to: Wietse Venema: "Re: Is this possible with postfix?"
- Next in thread: Wietse Venema: "Re: Is this possible with postfix?"
- Reply: Parkhaev Vladimir: "Re: Is this possible with postfix?"
- Reply: Wietse Venema: "Re: Is this possible with postfix?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Fri, 3 Mar 2000, Wietse Venema wrote:
> Parkhaev Vladimir:
> > On Fri, 3 Mar 2000, Wietse Venema wrote:
> >
> > > Have the MX record point to the external host.
> > >
> > > my.domain IN MX 10 external.my.domain
> > >
> > > On the external host, use a transport map
> > >
> > > /etc/postfix/transport:
> > > my.domain internal.my.domain
>
> Should be: my.domain smtp:internal.my.domain
>
> > > /etc/postfix/main.cf:
> > > relay_domains = my.domain
> > >
> > > On the internal host,
> > >
> > > /etc/postfix/main.cf:
> > > relayhost = external.my.domain
> > > mydestination = my.domain, internal.my.domain localhost.my.domain ....
> > >
> > > People with firewalls do this all the time.
> > >
> > > Wietse
> > >
> >
> > Hm, if I am not mistaken, with MX record pointing to external host,
> > the flow of traffic will be as follows:
> >
> >
> > +--------+ +----------+ +----------+
> > Internet ---->| Public |---->| Internal |-------> | Internal |
> > <----| SMTP |<----| SMTP | ------ | Client |
> > +--------+ +----------+ | +----------+
> > ^ |
> > |_______________________|
>
> That depends on how internal clients are set up. If you have a
> router between external and internal host, then you can prevent
> internal hosts from going to the external machine.
>
> In order to make this work smoothly you use a split DNS setup.
>
> - The internal host runs the internal DNS with an MX record that
> points to the internal host, and forwards other queries to the name
> server on the external host which talks to the internet.
>
> - The external host runs the external DNS with an MX record that
> points to the external host. The external host may have a resolv.conf
> file that points to the internal machine, in which case you can
> avoid the use of a transport table in the example above.
>
> This is a standard example in firewalls books.
>
> Wietse
>
I have the following setup (just as you describe):
External:
/etc/postfix/transport:
my.domain :[IP address of internal host]
main.cf:
relay_domains = my.domain
Internal:
/etc/postfix/main.cf:
mydestination = my.domain, internal.my.domain localhost.my.domain ....
and aliases hash with user:userserver.my.domain entries.
Internal host bounces undelivered mail messages directly outside.
I'd like to forward bounces to external host which will deliver it to
ouside world.
As soon as I add:
relayhost = external.my.domain
on internal host, all mail is sent back to external (loop).
Is there a way to achive this?
------------------------------------------------------------------
Vladimir Parkhaev, System Administrator, Teleglobe Canada
vladimirTeleglobe.CA, 514-868-7823(Ph), 514-868-8357(Fax)
1441 Carrie-Derick, Montreal, Que, Canada H3C 4S9
- Next message: Daniel Roesen: "Re: Is this possible with postfix?"
- Previous message: Wietse Venema: "Re: Some questions on postfix, SUMMARY"
- In reply to: Wietse Venema: "Re: Is this possible with postfix?"
- Next in thread: Wietse Venema: "Re: Is this possible with postfix?"
- Reply: Parkhaev Vladimir: "Re: Is this possible with postfix?"
- Reply: Wietse Venema: "Re: Is this possible with postfix?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]