From: Sven Michels (no email)
Date: Fri Nov 01 2002 - 06:39:31 EST
On Fri, Nov 01, 2002 at 12:05:14PM +0100, wrote:
> I'm going to add an SMTP Spam/Viruses filtering Gateway in the DMZ to protect
> an internal Exchange server, but i'm looking for the right domain and sub-domain
> configuration changes to do.
>
> As far as I know, my SMTP gateway should be "host.domain.tld" and my internal
> Exchange server "host.subdomain.domain.tld".
is better but not required. If you have an extra domain for all internal
stuff, you can easier rewrite adresses etc. but you don't need it.
> The problem is, my present Exchange server is "host.domain.tld" and changing
> it would require changing the Active Directory by creating a subdomain,
> moving all users/computers there, etc...
>
> I read "tons" of information that are very detailled on configuring the
> SMTP filtering gateway, but not on the DNS part. Isn't it possible to do
> it in a more simple and safe manner, and, if not, has anyone already done
> it successfully ?
Just put the new postfix box in the dmz, make the MX record pointing to
postfixbox.domain.tld and tell postfix to deliver all mails for your domain
via. transport or virtual map to the internal exchange server. So your mails
will be filtered by postfix etc. and after that, instead of delivered to
a mailbox, delivered to your exchange box.
Your virtual entry would look like:
domain.tld anything
@domain.tld @exchange.domain.tld
make sure that postfix knows the host of your exchange server and do
not set a mx record for the exchange box pointing to another server.
-
To unsubscribe, send mail to with content
(not subject): unsubscribe postfix-users
|
|
|