Thanks to everyone (but especially Scott and Len), I now have my IMGate successfully filtering to my Exchange box. Does that make it "ExchGate"?
WOW AM I IMPRESSED IS THIS SLICK OR WHAT I've known for quite a while that this is a "better way" to go than client-side and it's taken a little bit to get organized (get a server set up for Unix, etc.), but is this ever cool! I'm currently auditing all of the policy rejects (to a dedicated mailbox - and compared to most of you, I'm a very low-volume site), and not one thing that looks close to a false positive and several hundred rejects. (A few spam are still slipping in, but that's because we have some addresses .forwarded from other ISPs and they can't be a fully checked, but we're working on that, too.) I have [another] question... where is the SAV documentation? -- Or, if you really want to be specific can I turn it off/on by either connecting host (i.e. SAV all attempts from x.y.z.a but not from y.x.z.q), by sender (SAV anybody claiming to be @hotmail.com) or by recipient (SAV anybody writing to [EMAIL PROTECTED]). Thanks again for all the insight over the past months. - Byron -----Original Message----- From: Scott Muller [mailto:[EMAIL PROTECTED] Sent: Monday, July 07, 2003 11:45 PM To: [EMAIL PROTECTED] Subject: [IMGate] Re: Postfix / IMGate Configuration Hi Byron .. > My main mail domain is byronetta.com >=3D20 > The MX records point to mail.byronetta.com 198.235.200.78 >=3D20 > The firewall NATs 198.235.200.78 to the private=3D20 > IP of my Exchange MTA at 192.168.71.3 >=3D20 > =3D20 >=3D20 > IMGate/Postfix has an IP of 192.168.71.21 =3D20 > (behind the firewall). >=3D20 > I will change the firewall to NAT the=3D20 > 198.235.200.78 to IMGATE instead of Exchange...=3D20 >=3D20 Good ! > =3D20 >=3D20 > So, a sending MTA will contact 198.235.200.78=3D20 > (which will actually be 192.168.71.21),=3D20 >=3D20 > IMGATE will either accept or reject the mail, and deliver it,=3D20 > if accepted, to 192.168.71.3. >=3D20 > =3D20 >=3D20 > (As it stands now, 192.168.71.21 (IMGate) can deliver to 192.168.71.3 > (Exchange) just fine; >=3D20 > I get nightly reports.) >=3D20 > =3D20 >=3D20 > So >=3D20 > Mydestination must include byronetta.com (defined as > $mydomain) Change that to mydestination =3D3D $myhostname, localhost.$mydomain IMGATE receives no mail locally, it is all realyed to the exchange box >=3D20 > Proxy_interfaces must include the outside address > (198.235.200.78) >=3D20 > Inet_interfaces is left to all (there is only one) >=3D20 > =3D20 >=3D20 > Relay_domains has to contain $mydestination (or=3D20 > all of the domains that I will eventually do this for),right? Relay domains should be something like this. relay_domains =3D3D $mydestination, $mynetworks, =3D20 hash:$config_directory/relay_domains Where relay_domains is text file containing Domain.to.relay BLAH Other.domain.com BLAH RHS doesn=3D92t matter, and remember to postmap the file. >=3D20 > =3D20 >=3D20 > I'm not quite sure of the role of Permit_mx_backup ? >=3D20 Don=3D92t need it. > And I'm also not sure *how* I tell postfix that=3D20 > mail it receives for Byronetta.com goes to 192.168.71.3=3D20 > (right now, it's getting that from the MX lookup.. . but once=3D20 > postfix is running, the exchange box won't be publicly listed.) Use transport maps transport_maps =3D3D hash:$config_directory/transport Where tranport is a text file cotaining the domain that is to be delivered To the exchange server on the LHS and the IP of exchange on the RHS Domain.to.relay smtp:[ip.of.exchange] Other.domain.com smtp:[ip.of.exchange] And postmap the transport file >=3D20 > =3D20 >=3D20 > Thoughts? Comments? Examples? Hope that helps.... -- Scott Muller [EMAIL PROTECTED] Senior Communications Consultant Mobile : +61 (0)4388 300 82 NetCommplete Pty Ltd Phone : +61 (0)2 6331 4773 http://www.netcommplete.com.au Fax : +61 (0)2 6331 4909 =3DA0=3D20
