From: swu30 on
I currently have a postfix box handling all of the in/outbound email.
I have a single MX record on the internet that points to
mail.mydomain.com. Pretty basic, it all works.

I would like to set up an inbound mail gateway to do spam/av filtering
and then pass on what's leftover to our internal mail server. My
question has to do with inbound connections to my mail gateway and the
$myhostname variable in main.cf in my gateway box. We are behind a NAT
and firewall.

During the SMTP process anyone sending to us will look up our MX which
will resolve to mail.mydomain.com which will point to an IP. IP on
port 25 will get NATed to the gateway box.

My question is, does the $myhostname have to match mail.mydomain.com
for INBOUND mail? Is there a mechanism in the sending server that says
"hey, you aren't mail.mydomain.com" and will drop the connection? I've
looked through our current postfix setup and I don't see that check
being made for mail that I am sending out.

Our current mail server will continue to SEND mail, so it does need to
keep the $myhostname=mail.mydomain.com. I can't have two boxes with
the same $myhostname since they will be talking to each other, can I?

Hope I made this somewhat clear. I know I'm not the only one doing
this. I just don't want to break anything. Any thoughts on this would
be appreciated.

Thx!

From: Trix on
On Aug 5, 2:27 am, "sw...(a)hotmail.com" <sw...(a)hotmail.com> wrote:
> I currently have a postfix box handling all of the in/outbound email.
> I have a single MX record on the internet that points to
> mail.mydomain.com. Pretty basic, it all works.
>
> I would like to set up an inbound mail gateway to do spam/av filtering
> and then pass on what's leftover to our internal mail server. My
> question has to do with inbound connections to my mail gateway and the
> $myhostname variable in main.cf in my gateway box. We are behind a NAT
> and firewall.
>
> During the SMTP process anyone sending to us will look up our MX which
> will resolve to mail.mydomain.com which will point to an IP. IP on
> port 25 will get NATed to the gateway box.
>
> My question is, does the $myhostname have to match mail.mydomain.com
> for INBOUND mail? Is there a mechanism in the sending server that says
> "hey, you aren't mail.mydomain.com" and will drop the connection? I've
> looked through our current postfix setup and I don't see that check
> being made for mail that I am sending out.
>
> Our current mail server will continue to SEND mail, so it does need to
> keep the $myhostname=mail.mydomain.com. I can't have two boxes with
> the same $myhostname since they will be talking to each other, can I?
>
> Hope I made this somewhat clear. I know I'm not the only one doing
> this. I just don't want to break anything. Any thoughts on this would
> be appreciated.
>
> Thx!

The $myhostname doesn't need to be the same as the servername at all,
and it doesn't actually matter in terms of mail receipt either. As
long as port 25 for the host in the MX for mydomain.com will accept a
mail connection, it's all good. There's no checking for servername at
all at the sender side. Zillions of ISPs use completely unrelated
hosts on different namespaces to accept mail for a given domain. The
receiving host IP (and the name it resolves to, if available) is used
for logging the connection - $myhostname really just configures how
the server replies to the HELO (or how it issues its own).

But I don't know why you don't just point your MX to
gateway.mydomain.com instead (as long as that also has an A or CNAME
record). Your user mailserver doesn't need an MX to send mail wherever
it likes on the internet, although if you're concerned about it, you
could relay outbound mail via your gateway as well.
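
A gateway main.cf in line with the reply above, as an added example that is not part of either post. The hostname gateway.mydomain.com, the internal server address 10.0.0.10 and the map file paths are assumptions; the parameters are standard Postfix ones.

```conf
# /etc/postfix/main.cf on the filtering gateway (added example).
# Names, addresses and file paths below are assumptions, not from the thread.

# Name used in the SMTP greeting banner and in HELO/EHLO on outgoing
# connections. It is distinct from the internal server's myhostname
# (mail.mydomain.com) and does not have to match the MX target name.
myhostname = gateway.mydomain.com
mydomain = mydomain.com

# The gateway holds no mailboxes: disable local delivery entirely.
mydestination =
local_recipient_maps =
local_transport = error:local mail delivery is disabled

# Accept mail for the domain and hand it to the internal server.
relay_domains = mydomain.com
transport_maps = hash:/etc/postfix/transport
# /etc/postfix/transport (run "postmap /etc/postfix/transport" after editing):
#   mydomain.com    smtp:[10.0.0.10]
# The square brackets suppress the MX lookup, so the gateway does not
# loop mail back to itself through the public MX record.

# List valid recipients so unknown addresses are rejected during the
# SMTP session instead of being accepted and bounced later (backscatter).
relay_recipient_maps = hash:/etc/postfix/relay_recipients
# /etc/postfix/relay_recipients (postmap it as well):
#   user1@mydomain.com    x
#   user2@mydomain.com    x

# Only the internal server may relay outbound mail through the gateway;
# everyone else may send only to relay_domains.
mynetworks = 127.0.0.0/8 10.0.0.10/32
smtpd_recipient_restrictions =
    permit_mynetworks,
    reject_unauth_destination
```

Running `postconf -n` on the gateway after a reload shows the non-default values actually in effect.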