> On Fri, May 08, 2009 at 12:20:26PM -0400, Comtois, Andre wrote: > >> >> I'm having mixed results getting this to work. My postfix server >> accepts emails and relays them to the exchange server just fine, however >> it also seems to have no issues relaying emails to gmail.com as well, so >> I'm not sure how to restrict it to only accepting messages destined for >> my domain. > > > http://www.postfix.org/BASIC_CONFIGURATION_README.html#relay_from > http://www.postfix.org/BASIC_CONFIGURATION_README.html#relay_to > > If your receiving system in the DMZ is behind a NAT device that translates > source addresses from the Internet to a fixed DMZ source IP address, > be SURE TO EXCLUDE that address from "mynetworks".
Viktor, could you please be a bit more specific on this one? Are you saying to exclude the NATed IP or the Internet IP? > Be sure to not NAT internal clients (your Exchange servers), or NAT them > to a different IP. This one is not clear to me either. I'm trying to setup 2 servers behind a Pix firewall, Postfix server before Exchange, both NAT'ed on the same subnet but both represented by 'real' external IP's on the ineternet. Will this not work properly? Tia, Chas. > > Of course, you really should NOT NAT source addresses at all, with source > IPs masked you can't use RBL lists, and your logs are much less useful. > > -- > Viktor. >
