On Sat, 29 Dec 2001, Paul Sobey wrote: > Hello everybody, > > I am a recent convert to Xmail, and have deployed it onto my backup relay. > Everything is working well, and I am keen to install the system on my > production relay. Before I do however, I'd like to discuss my config with > you, to make sure I am doing things right! > > Scenario: > Lotus Domino servers on inside network, Mail is exchanged with 2 NT mail > relays in the DMZ, which face the internet. Relays are hardened (ie all MS > services removed, acls tightened, etc.). The requirement is to route all > mail for domain aleagroup.com from the internet into the internal Domino > servers, and take delivery of all internet-bound mail and send it on to the > appropriate location. > > Currently, the setup I am using is as follows: > > server.tab > RootDomain aleagroup.com > postmaster [EMAIL PROTECTED] > errors-admin bounce@internal (triggers perl script in mailproc.tab - > mentioned above) > SmartDNSHost localhost (copy of Bind running locally)
s/localhost/127.0.0.1/ > > custdomains: > aleagroup.com.tab: > smtprelay "domrelay1,domrelay2" > > smtprelay.tab > "domrelay1" "255.255.255.255" > "domrelay2" "255.255.255.255" > > domains.tab > "internal" (used for a bounce@internal address to trigger a script to log > delivery errors) domrelay1/2 are abviously IPs > This seems to work pretty well - any host can send mail to aleagroup.com, > mentioned in custdomains, but only those in smtprelay.tab can send mail to > other addresses. Any failure email is sent to the user and a log kept in > mailroot\logs as to the failure reason since many of my users aren't the > most techinically literate :) > > Based on that, some questions: > > 1) Is it appropriate to use customains to route inbound mail like this? I > obviously don't want to configure each user on my relays with a forward - > just *@aleagroup.com to get sent inbound. It's ok > 2) Since domains in custdomains do not count as 'relaying' (ie you can send > to them if you're not in smtprelay.tab), do they bypass other xmail > processes such as filtering? No, filtering take place > 3) Is there any way that I can add custom actions for particular addresses > at aleagroup.com - e.g. can I now that I route all mail for the domain > inbound, can I make an exception that says 'for [EMAIL PROTECTED] run script > y'? Yes, create [EMAIL PROTECTED] and this will have precedence on aleagroup.com.tab > 4) I presume that aleagroup.com shouldn't be in domains.tab, since if I put > it in all inbound mail gets a 550 user unknown message. Is this correct? No, it does't have to be inside domains.tab > 5) Will xmail run happily using a non previleged account for the service? Just be sure that only XMail is running and you'll be fine. - Davide - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
