Comment Below
-----Original Message-----
From: Len Conrad [mailto:[EMAIL PROTECTED]]
Sent: 01 November 2000 12:59
To: [EMAIL PROTECTED]
Subject: RE: [IMail Forum] Gateway Problems
>The firewall denies access to the internal network but allows certain
access
>to the DMZ. The firewall in not the problem.
>
>Some internal users use the Imail box as a gateway.
So they relay their outbound through Imail to Internet. Do you have
Imail SMTP security at "relay for addresses" or "relay for local
users/domains"?
[Myles Dempsey] Set to relay for addresses. When I set it to relay for local
users/domains it rejects the mail for the domains set in the hosts file/
trusted IP addresses.
>Some internal and external users connect to the Imail box directly
"directly"? meaning bypassing the firewall?
[Myles Dempsey] So by pass the fire wall so do not. What I meant was that
they use the Imail POP,IMAP and Web services.
>using POP3, IMAP or Web Mail.
>At the moment I am struggling to set the system up to allow certain IP
>addresses to use Imail as a gateway
This is really quite simple: set Imail SMTP security to "relay for
addresses", assuming everybody ib "inside ip blocks" is trusted for
relaying. They will be able to relay their outbound through Imail to
Internet.
If you have other mail servers on your LAN and you want Imail to
accept incoming mail and to relay to them, put their domains + ip's
in the NT hosts file so Imail
a) accepts incoming addressed as "RCPT TO: @relayeddomain" and
b) knows the (fixed) "next-hop" ip address to relay to, per-domain.
>as well as allowing the local users to send mail externally. I am
>able to allow one or the other but not both.
When "not both" what fails where with what error msg and Imail log lines?
Local (LAN) users on "relay for addresses" ip's will be trusted to
relay their outbound through Imail. If they aren't on "relayed for
ip's", then they must use SMTP AUTH for authentication before
relaying through Imail.
[Myles Dempsey] I either relay the mail for the trusted IP addresses and
reject the mail from the Internet users or accept the Internet Users and
reject the mail from the trusted IP addresses. I have not had the SMTP AUTH
turned on. If you can spare the time could you briefly explain how this
works and are there any problems that my users will start to call about.
Most user either the web based front end or Outlook Express / Outlook 2000.
Thanks again for your help.
At the firewall, Imail's ip would be the only internal ip able to
receive incoming SMTP protocol at its port 25. And Imail's ip would
be the only one allowed to send to any outside ip's port 25.
Len
http://BIND8NT.MEIway.com: ISC BIND 8.2.2 p5 & 8.2.3 T6B for NT4 & W2K
http://IMGate.MEIway.com: Build free, hi-perf, anti-spam mail gateways
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
