[ale] I have a Firewall problem and need help.

Jonathan Glass jonathan.glass at ibb.gatech.edu
Tue Aug 13 09:00:40 EDT 2002

I have a very similar setup.  Basically, mail flows like this:
Step 1: firewall passes the SMTP traffic to sendmail box
Step 2: sendmail box filters messages using procmail
Step 3: clean messages get relayed to Exchange box

Exchange acts as its own smart-host and sends mail via DNS lookups.

Is this close to what you are trying to do?  I can tell you how I setup the 
inbound chain, but am not sure how to force exchange to use the SAME 
sendmail box for in- and out-bound email.


At 09:45 PM 8/13/2002 +0900, Keith Hopkins wrote:
>Michael von Borstel wrote:
>>Hey Keith, I am not good very good at writing but here goes. I am wanting
>>Sendmail to route the smtp to the exchange server.
>>Exchange can send through Sendmail. The problem comes in with the names of
>>the servers. Sendmail is masq. as my exchange server and I listed the
>>servers in the I believe hosts-domains file. But when sendmail gets mail for
>>the domain it looks at the internet DNS before it at the host file (or
>>doesn't find it all) and tries to send the mail to our website at earthlink.
>>I played with it for hours and could get the mail to the exchange server,
>>but the only it would work was for sendmail to change the domain in the user
>>address. does that make any sense. thanks Michael
>Let's see if I have this right...
>at vonBorstel.net we have (1x) Sendmail_server, and (1x) SmallLimp_server....
>Mail is delivered to the Sendmail_server for vonBorstel.net, but you 
>really honestly and truely want it delivered to the SmallLimp_server.  You 
>actually want Sendmail to be a relay (beware you don't turn it into an 
>open relay).
>The Sendmail_server's (notso)SmartRelay or MailHub is set to earthsink.net.
>Am I even close?
>I think part of the answer lies in the "VirtualUserTable" where you can 
>tell Sendmail that mail to @vonBorstel.net is actually intended for 
>The trick is going to be getting Sendmail to actually relay to 
>SmallLimp_server instead of piping it to earthsink.
>Ok, I don't think I'm seeing the whole picture here.
>Q1) Who is sending mail to sendmail?  Is sendmail running on your own PC 
>and just serving you?  Is sendmail the target of mail from the internet? 
>or a dept server?
>Q2) Why would you want to deliver it to an Exchange server anyway? <kidding>
>real Q2) How does Sendmail know to deliver anything to earthsink?
>Q3) Are you using MX records in DNS?  Are you using a internal/private DNS 
>server you can modify those records on?
>Q4) Maybe having sendmail Masq as vonBorstel.net is the wrong thing to 
>do.  We want it to relay, not try to deliver locally.
>Then again, I may be going at this backwards.  Sorry, got more questions 
>and no real answers for you (yet).
>Lost in Tokyo,
>   Keith
>This message has been sent through the ALE general discussion list.
>See http://www.ale.org/mailing-lists.shtml for more info. Problems should 
>be sent to listmaster at ale dot org.

Jonathan Glass, RHCE, Linux+, Network+, A+, MCP
Systems Support Specialist II
Institute for Bioengineering and Bioscience/BME
Georgia Institute of Technology
Voice: 404-385-0127
E-mail: jonathan.glass at ibb.gatech.edu

This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.

More information about the Ale mailing list