5.5/SP4 Our parent company runs exchange, our web servers run sendmail. Both of our production environments exist on the same subnet. We have several internal firewalls that NAT addresses from public to private. When our backend attempts to send an email to exchange on the same subnet it gets deferred. I can run a verbose sendmail and watch as our mailserver is denied access to the parent co mailserver. The problem is that exchange thinks my sendmail emails are spoofed as a result of the NAT'd IP address. The header says I am from this source but when the firewall NAT's the IP exchange thinks the email is spoofed and denies. The problem is compounded because the deferred email sits in my sendmail queue for attempted delivery for 5 days.
One solution is to create an A record on our DNS servers zone file. Unfortunately UUNET won't allow 10.x.x.x addresses on zone files. The parent co uses ATT DNS and we use UUNET DNS. These mail servers both exist on 10.103.1.x networks and get NAT'd to 198.172.138.x. Our parent company is unwilling to make config changes on their end so we have to solve the problem from a sendmail standpoint. I am researching solutions but all call for some config change on the exchange server. This is not an option as our parent co is paranoid about security (good thing). Is there somewhere in exchange you can create a rule that will allow a specific ip to come in spoofed? Any experience with sending email on the same subnet with the path of the mail traversing a NAT point (firewall)? I am stumped. I have a bandaid solution with an external mail server; I was hoping to create a solution with less maintenance. Now I have to admin an alias file that changes as the distribution list changes. _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
