Our setup consists of a public mail server (postfix) on the PSN (i.e. the advertised preferred MX), that for some domains needs to relay onwards to an internal MS Exchange box inside the PRO network.
I've been experimenting for some time with various configurations, trying to find one that i) works well, and ii) seems logical (most work, but I can't help feeling that there has to be a "better way" :).

Currently, I have the mail server on the PSN relaying mail to an alias interface on the PSN NIC, which via a remote access filter and tunnel connects to the Exchange server. This works, but has the downside of advertising externally (via DNS for the zone) an RFC1918 address for the PSN alias interface.

I've also used a configuration whereby I have the alias interface on the EXT NIC, and do much the same thing, but this was hard to get the filters right (due to the "double NAT") so that no other external hosts could connect to the Exchange server.

I'm wondering if I perhaps should be using IP Pass Through, but that seems to have implications for other ports/IP addresses on the PSN and PRO?

Others must be doing the same; can anyone make any suggestions about how to do this efficiently and neatly?

--
Phil Dye, Technology Support Manager
A L C H E M Y D I G I T A L
Marketing and Communications Limited
Tel + 44 (0)23 8021 3400
http://www.alchemydigital.com
