> > 127.:allow,RELAYCLIENT=""
>
> For those hosts which are allowed to use this machine
> as an outbound
--------
Actually, here Qmail is supposed to be an inbound relay. The servers behind
the firewall sends out smtps directly. So in this case too, will the
tcp.smtp be like below you said?
> relay, add them to this file. Based on what you say below, it looks like
> you have two internal mail servers, so you add these two lines:
>
> 10.21.200.200:allow,RELAYCLIENT=""
> 10.21.200.201:allow,RELAYCLIENT=""
>
> There is documentation for this format at
> http://cr.yp.to/ucspi-tcp/tcprules.html. Once you've modified the file,
run tcprules like this:
>
> tcprules /etc/tcp.smtp.cdb /tmp/tcp.smtp.tmp < /etc/tcp.smtp
>
> And then just make sure your tcpserver invocation of qmail-smtpd has
> '-x /etc/tcp.smtp.cdb' in it.
--------
These are ok. It's in the invocation line.
>
> You say tcpwrappers above, and I'm giving instructions for tcpserver
> which is part of ucspi. If you meant tcpserver/ucspi, then this is okay;
if
--------
Right. I'm using ucspi wrappers.
> not, you'll need to find the right way to do the equivalent with
> tcpwrappers. All you're doing is setting the RELAYCLIENT environment
> variable for the invocation of each qmail-smtpd process. And if you're
> using tcpwrappers, you don't care about tcp.smtp but rather hosts.allow.
>
> > control/smtproutes
> > ----
> > mycompany.com:10.21.200.200
> > my2ndcomp.com:10.21.200.201
> > ----
>
> You'll probably want to quote those domain literals, like such:
>
> mycompany.com:[10.21.200.200]
>
> I'm not completely sure that's necessary, but I think it is.
--------
I thought the same way before too, but I've this notation in another
server's file. And afterall, according to log files, it does connect to that
server without specifying []s.
-Ali
