seeking advice on best mail server configuration

clau_bolson · 04-13-2004, 06:05 AM

One of our clients - I work at an ISP and give broadband service - will have one public IP address.
Till now, they have another provider who gives them at least two public IP addresses, and one of them is assigned to their mail server - MS Exchange on Win 2000. They can't change that.
The machine that will have the public IP address and will act as router is running Suse Linux. It is already in production.

Desired behaviour is:
- incoming mails are relayed to the Exchange machine, that will now be part of the internal network.
- Linux machine should be running sendmail to issue its messages.

So,
1. which would be the best way to do this? (they have ipchains, not iptables)
2. Is there a way to configure their DNS zone (which I will hold in my server) to point to an internal machine in their network? (they have a DNS server too, I don't know how it is configured).

Thanks.

nmh+linuxquestions.o · 03-05-2007, 04:55 AM

Quote:

Originally Posted by clau_bolson

One of our clients - I work at an ISP and give broadband service - will have one public IP address.
Till now, they have another provider who gives them at least two public IP addresses, and one of them is assigned to their mail server - MS Exchange on Win 2000. They can't change that.
The machine that will have the public IP address and will act as router is running Suse Linux. It is already in production.

Desired behaviour is:
- incoming mails are relayed to the Exchange machine, that will now be part of the internal network.
- Linux machine should be running sendmail to issue its messages.

So,
1. which would be the best way to do this? (they have ipchains, not iptables)
2. Is there a way to configure their DNS zone (which I will hold in my server) to point to an internal machine in their network? (they have a DNS server too, I don't know how it is configured).

Thanks.

1. Have you looked at the tldp ipchains howto?
Have you considered using a proxy?

2. I do not think you can use dns to allow external hosts to talk to a system behind a NAT gateway with a private IP.

clau_bolson · 03-05-2007, 05:09 AM

Thanks nmh, but the question was made almost three years ago. At the time I solved the issue with those clients setting up a postfix on the Suse machine for relay only. Meanwhile, they have changed admins, the new one threw the Suse machine away -he didn't understand it, he is a W$ user - and asked us to manage their mail addresses instead.

nmh+linuxquestions.o · 03-05-2007, 05:17 AM

Quote:

Originally Posted by clau_bolson

Thanks nmh, but the question was made almost three years ago. At the time I solved the issue with those clients setting up a postfix on the Suse machine for relay only. Meanwhile, they have changed admins, the new one threw the Suse machine away -he didn't understand it, he is a W$ user - and asked us to manage their mail addresses instead.

Obviously I should pay more attention to the timestamps..

But just in case others find this thread while looking for ways to do this, two smtp proxies are:
proxsmtp
clamSMTP

I am glad to hear you figured out something (probably much faster than the response you got for this question).

reddazz · 03-05-2007, 07:21 AM

Moved: This thread is more suitable in Linux Server and has been moved accordingly to help your thread/question get the exposure it deserves.

ramram29 · 03-05-2007, 11:59 AM

Simple: Do an DNAT forward of port 25 to the Exchange server. You should migrate to iptables, don't use ipchains - it's much older and does not do packet filtering as good as iptables.

I always recommend not to have an Exchange SMTP server connected directly to the Internet. A harder but more secure setup would be to use your Linux router as the SMTP gateway that relays all messages to the Exchange backend. Let me know if you need help with this. Send me an Email.