We have a Barracuda 300, and we handle this by passing off all email through
the cuda before it reaches the users' mailboxes. We have 3 email servers,
with only one hosting email accounts, and all three are at least dual homed.
1 interface on each goes to the WAN, and another connects to a separate,
private LAN. The cuda is also only on the private LAN. The backup mail
servers route all incoming mail through the private LAN to the cuda, where
it's filtered or handed off to the primary server and delivered to users.
If mail is sent from the Internet directly to the primary server, a port
redirector on that server redirects the traffic to cuda on the private LAN,
which in turn processes for spam and then passes back off to the primary
server via a different port number.
It sounds a bit confusing, but it works like a charm for us.
not a good approach, because attacks on Imail from internet flow thru
Imail and back to the MX.
Much better is this:
activate port 587 on Imail, SMTP AUTH only.
Submitters/roamers must submit to port 587.
Firewall blocks internet access to imail port 25 (or redirect port 25 to 587).
Len
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
