> On Fri, May 08, 2009 at 12:20:26PM -0400, Comtois, Andre wrote:
>
>>
>> I'm having mixed results getting this to work.  My postfix server
>> accepts emails and relays them to the exchange server just fine, however
>> it also seems to have no issues relaying emails to gmail.com as well, so
>> I'm not sure how to restrict it to only accepting messages destined for
>> my domain.
>
>
>     http://www.postfix.org/BASIC_CONFIGURATION_README.html#relay_from
>     http://www.postfix.org/BASIC_CONFIGURATION_README.html#relay_to
>
> If your receiving system in the DMZ is behind a NAT device that translates
> source addresses from the Internet to a fixed DMZ source IP address,
> be SURE TO EXCLUDE that address from "mynetworks".

Viktor, could you please be a bit more specific on this one? Are you
saying to exclude the NATed IP or the Internet IP?

> Be sure to not NAT internal clients (your Exchange servers), or NAT them
> to a different IP.

This one is not clear to me either. I'm trying to setup 2 servers behind a
Pix firewall, Postfix server before Exchange, both NAT'ed on the same
subnet but both represented by 'real' external IP's on the ineternet. Will
this not work properly?

Tia,
Chas.

>
> Of course, you really should NOT NAT source addresses at all, with source
> IPs masked you can't use RBL lists, and your logs are much less useful.
>
> --
>       Viktor.
>

Reply via email to