>The firewall denies access to the internal network but allows certain access
>to the DMZ. The firewall in not the problem.
>
>Some internal users use the Imail box as a gateway.
So they relay their outbound through Imail to Internet. Do you have
Imail SMTP security at "relay for addresses" or "relay for local
users/domains"?
>Some internal and external users connect to the Imail box directly
"directly"? meaning bypassing the firewall?
>using POP3, IMAP or Web Mail.
>At the moment I am struggling to set the system up to allow certain IP
>addresses to use Imail as a gateway
This is really quite simple: set Imail SMTP security to "relay for
addresses", assuming everybody ib "inside ip blocks" is trusted for
relaying. They will be able to relay their outbound through Imail to Internet.
If you have other mail servers on your LAN and you want Imail to
accept incoming mail and to relay to them, put their domains + ip's
in the NT hosts file so Imail
a) accepts incoming addressed as "RCPT TO: @relayeddomain" and
b) knows the (fixed) "next-hop" ip address to relay to, per-domain.
>as well as allowing the local users to send mail externally. I am
>able to allow one or the other but not both.
When "not both" what fails where with what error msg and Imail log lines?
Local (LAN) users on "relay for addresses" ip's will be trusted to
relay their outbound through Imail. If they aren't on "relayed for
ip's", then they must use SMTP AUTH for authentication before
relaying through Imail.
At the firewall, Imail's ip would be the only internal ip able to
receive incoming SMTP protocol at its port 25. And Imail's ip would
be the only one allowed to send to any outside ip's port 25.
Len
http://BIND8NT.MEIway.com: ISC BIND 8.2.2 p5 & 8.2.3 T6B for NT4 & W2K
http://IMGate.MEIway.com: Build free, hi-perf, anti-spam mail gateways
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
