On Wed, Jan 19, 2000 at 04:54:15PM -0000, Petr Novotny wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 19 Jan 00, at 9:37, Jennifer Tippens wrote:
>
[snip]
>
> Don't deliver the mail at the firewall host - route it to the internal
> host by the means of smtproutes. Don't worry about outages of
> internal servers unless they are longer than a week. qmail will
> accept the mail for the domain, keep it in queue, and forward to the
> internal server when it's online.
Elaborated:
- put your domainname in control/rcpthosts on the firewalling MX
- set your primary MX to be the firewalling box
- put domainname:internalhost in control/smtproutes
- make sure your domainname isn't in control/locals or control/virtualdomains on the
firewalling host.
Greetz, Peter.
--
Peter van Dijk - student/sysadmin/ircoper/madly in love/pretending coder
|
| 'C makes it easy to shoot yourself in the foot;
| C++ makes it harder, but when you do it blows your whole leg off.'
| Bjarne Stroustrup, Inventor of C++
