We
have several customers already working for a long time with solution 1. This is
a good solution since you do not have direct interaction between the mail server
and other servers on Internet. We also have the same configuration for outgoing
mail, which brings the same level of satisfaction.
Other
point of view might differ but from our experience it is the way we would
proceed from your information.
Best
regards
Christian ALT
Telecom and Logistics Associates
Network adn Security Comapny
-----Original Message-----
From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED]]On Behalf Of Carpenter, Adam
Sent: lundi, 10. f�vrier 2003 17:30
To: [EMAIL PROTECTED]
Subject: [FW-1] SMTP Security Server - General QuestionsI just have some quick questions about SMTP & Firwall-1.Right now my mail server is nat'd by the firewall and only SMTP traffic is allowed. If I wanted to use the SMTP Security Server to scan mail would I be better off:1. Removing NAT address & DNS for mail server & creating an MX record that points all mail to firewall's external interface. Create an SMTP resource that directs all inbound SMTP to my mailserver & create a rule that allows my mail server to send outbound SMTP.OR2. Leave my MX records & NAT alone and just let Firewall-1 intercept the messages.If I go with #2 is there any reason for the mail server to be publicly accessible anymore?Thanks for the help.- Adam
