Re: Email IP Translation

Jeffrey Fearn Thu, 21 May 1998 20:30:05 -0400
> you shouldn't be changing IP numbers around here.  rather you need to set
> your "behind the firewall" DNS up so that your NT machine is the MX host
> for domain(s) in question.  The mail server will also need to be
> configured to accept mail for these domain(s) - with an entry in the
> sendmail.cw in current sendmails. It is indeed the case that a mail server
> will only accept mail for its *IP number*, but it can also be configured
> to accept for any number of *domains* (which is the important issue since,
> for the most part, e-mail is addressed to FQDNs, not IP numbers). 
> 

OK so we should avoid network address translation here. We are in the 
process of taking our ISP connection off our NT box and putting it on 
a RedHat box, very cheap firwall, I have set up the firewall rules to 
forward smtp connection straight to the NT server. According to your 
response the NT server should handle the incomming email with no 
reconfiguration. This is what I thought, however while the firewall 
rules allow email out, email in is not handled. Here is the output of 
ipfwadm -F -l:

-------------START---------------
IP firewall forward rules, default policy: deny
type  prot source               destination          ports
acc/m all  192.168.0.0/16       anywhere             n/a
acc   tcp  anywhere             192.168.2.2          1024:65535 ->
smtp acc   tcp  192.168.2.2   anywhere             smtp ->1024:65535
acc   tcp  192.168.2.2            anywhere      http-> 1024:65535
acc   tcp  192.168.2.2         anywhere telnet -> 1024:65535
deny  all  anywhere             anywhere  n/a   
-------------END---------------

192.168.2.2 is the NT serevr. Given that a) the NT server handels 
mail for this domain now, b) that the firewall should be transparent 
to the NT server, c) that there is no domain name changes, this 
configuration should work. Any help is _very_ welcome :)


Thank you, Jeffrey.

----------------------------------------------------
Jeffrey D Fearn Esquire
Network Administrator
GWR Com Cor Australia
[EMAIL PROTECTED]
----------------------------------------------------


-- 
  PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com/RedHat-FAQ /RedHat-Errata /RedHat-Tips /mailing-lists
         To unsubscribe: mail [EMAIL PROTECTED] with 
                       "unsubscribe" as the Subject.
Re: Email IP Translation

Reply via email to
