I'm trying to figure out if I have my rules set up correctly for my SMTP servers. I have an SMTP server in our DMZ that receives email for our domain and then forwards it to our internal email server. The internal email server forwards outgoing email to the DMZ server, which then sends it on to the destination. The DMZ SMTP server uses a private address which gets NAT'd by the firewall. The internal SMTP server just has a private address (no public address). The rules I have set up are:

Rule 1   valid-internal(negated)      dmzmailserver-ext-address    smtp

Rule 2   internal-mailserver          internal-mailserver          smtp
         dmzserver-ext-address        dmzserver-ext-address        smtp
         dmzserver-private-address    dmzserver-private-address    smtp

Rule 3   dmzserver-ext-address        valid-internal(negated)      smtp
         dmzserver-private-address

Mail gets sent and received, but I don't think this is the right setup.

Rule 1 allows the outside world to send mail to the public address of the DMZ mail server.

Rule 2 is supposed to allow the DMZ mail server to forward mail to the internal mail server and vice versa. Would the mail coming from the DMZ be sourced from the public or private address? Does my internal mail server need a public address?

Rule 3 allows the DMZ mail server to send mail out to the internet. Would the mail being sent out from the DMZ mail server be sourced from the public or private address?

I want to get this cleaned up, so any thoughts or advice would be greatly appreciated.

Thanks.
