> What I would like to do is this kind of network setup: > > internet > | > Gateway > / \ > MX/HTTP LAN > > This is pretty much a firewall with 3 legs one to the internet, one to your lan and one to your dmz. Honestly this is a pretty good scenario for most medium to large business.
> Now From the firewall, I would not allow the MX/HTTP server access the LAN > at all, via iptables, and they will be on different subnets. > > So what I want to do is setup the MX (Currently going to be exim, but open > to suggestions) to accept incoming mail for our domains, then have > fetchmail on the LAN pickup the mail from MX every few minutes, after its > been scanned for viruses/spam etc. > How would I accomplish this? > What would be the best tools in debian woody? > Are there better/easier ways to do this? > I would prefer having postfix, spamassassin, anomy in a mail gateway, I guess you go with what you know. All mail would be sent straight to your real mail server. You wouldn't need procmail all you'd need to do is modify the transport to point to your mail server on the lan. > I can't find anywhere in exim to set this up to accept mail for anyone > @ourdomain.com.au, then have procmail pick it up and delivery it to the > lotus servers smtp. > > Or would it be best to have all mail users on the MX machine, as well as > the lotus server? this would be a bit of a pain in the ass, but I could > understand for spam reasons.... > > I guess the idea is to make it a DMZ, where it cannot get on the LAN by > any means (Well that's my interpretation of a DMZ). > > Cheers, > > Scott > > -- > Scott Ragen > Support Manager/IT Administrator > Roadtech Systems > www.roadtech.com.au > PH: +61 2 9807 3516 FAX: +61 2 9808 5294 -- Regards, Kevin Saenz Spinaweb I.T consultants Ph: 02 4620 5130 Fax: 02 4625 9243 Mobile: 0418455661 Web: http://www.spinaweb.com.au -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
