[EMAIL PROTECTED] wrote:
Bingo. I have a similar setup in place (s/postfix/sendmail/) and I don't have my Exchange box listed as an MX at all. I also have port 25 to the Exchange box firewalled off at the router to avoid portscanning.
Not a good idea, IMHO. What happens if your SA gateway goes down for the count, and you're not around to fix it? In our case, I've documented how to change the firewall rules to allow direct connections to our internal Exchange server should the SA box go down. That way if I'm out of town for a week, my desktop tech makes the change and email continues to flow. Listing your Exchange box as a higher-cost MX doesn't really hurt anything, especially since you've firewalled your Exchange server (as any good admin should do).
Additionally, if you ever need to send directly from your Exchange server, not having an MX associated with that machine *can* cause your mail to look spammy to certain hard-line sites.
- S
