David Ballester <[EMAIL PROTECTED]> writes: > > I can not see this mail in the web list archive at sourceforge, > sorry if the mail was well send yesterday to the list > > Hi to all: > > I've installed EFW with very positive results, I'm very happy but not > yet ecstasy :). > > My problem is the following: > > Due historical reasons I've a mail server in orange and another one in > green. Both has several virtual domains and not all mx records for this > domains are under our control. > > If I activate the built-in smtp antispam/antivirus features runs well, > but the outgoing mail sometimes is rejected on some destination mail > servers 'cause their own incoming mail anti spoofing features. In other > words, i can't use the smtp helo string in efw for outgoing mails due > the reasons expressed before. > > My idea is to activate the smtp proxy ar EFW level, BUT, define NAT > rules to avoid it for the outgoing smtp traffic leaving from my two mail > servers. > > My questions are: > > 1.- I think that it is possible to do it with EFW, true? > > 2.- Where I must define the NAT rules to be sure that are loaded first > before EFW rules on refresh or reboot? > > 3.- This will not affect normal EFW behavior, true? > > Thanks for your time and for EFW, too! > > Best regards >
I have multiple virtual email domains behind the efw with no problems. What I did was have all mail servers using efw as a smarthost and routing out the incoming interface. I created a PTR record for the EFW HELO hostname and SPF records for the domains behind and my mail is delivered everywhere. If EFW has a HELO of say helo.yourmail.dom then you need a corresponding mx/a record matching a PTR record that reverses to your main external interface IP or whichever IP mail flows from. If you do as above then all recipient mail servers will see the EFW as the delivery host and accept the mail regardless of the virtual host sending the mail from behind it. Make sure you create SPF records for all virtual hosts behind efw if the domains are different so that recipeints know that recipient servers checking SPF know that mail from othermail.otherdomain.dom is allowed to be sent from helo.yourmail.dom. ------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone _______________________________________________ Efw-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/efw-user
