> Could somebody please advise what the best (easiest, fastest) way is to
> accomplish the following postfix behaviour on a mail gateway (a.k.a
> firewall) between an intranet and the Internet:
>
> * Only restricted hosts on the intranet should be able to dump mail on
> the gateway that should be delivered to the Internet (we use an SMTP
> backbone and we want only the backbone SMTP servers to be able to connect to
> the gateway for sending mail to the internet. Individual users should dump
> their email on the SMTP backbone, not directly on the firewall).
> * On the other hand, on the outside interface of the gateway, I want
> to accept email from the whole Internet for my local (virtual) domains. In
> this case, anti-relaying should be in effect to prevent us from being used
> as a relay.

You can use the standard firewall setup (as described in the faq) and only
add the backbone SMTP servers to $mynetworks. That way other internal
clients are handled just like any other internet host (which means it
doesn't relay mail to other destinations)

As for the not relaying part: Postfix doesn't relay per default. So don't
worry and be happy:)

Bye
Thomas

-- 
HELP!  MY TYPEWRITER IS BROKEN!
		-- E. E. CUMMINGS

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]