Truth Seeker a écrit : > > Dear Pros' > > I am facing a problem in getting system generated mails to my local mailbox. > let me explain the scenario. > > Postfix Mail Server <---> Firewall <---> External Mail Hosting > example.com external.com > > To our internal Postfix Mail Server, we are receiving mails from outside > through a third party service provider. Fetchmail is downloading from postfix > to get mails from the external mail server. > > Now we have our example.com domain internal details explained in an Internal > DNS Server, with the MX entry pointing to the internal Postfix Mail Server. > > Our example.com domain is registered (internal and external domain are same) > and it have its own MX record in the internet which points to our external > hosting's mail server. > > In our firewall, the DNS is pointed to external DNS servers, as usual.
as what? if your firewall has programs that need internal dns infos, then my "usual" is: - set resolv.conf to point to the internal DNS server - configure bind to use external forwarders. this way, programs on the FW can see internal names. (this can be coupled with "split dns horizon" thing...). if this is not desirable, then programs on the firewall have no business talking to internal services. > Now when the firewall is trying to send system related messaged to my local > account, what in your firewall is sending mail? this is the piece of software to configure to send mail to the internal postfix. no need to play with DNS. > it is sending to the External Mail Server (bcoz of the MX entry from the > external DNS) and this mail is rejected because, the from address is not able > to verify by the external Mail Server ( from address from logwatch event is > like logwa...@example.com) > > Now i want my firewall to send mail to our internal POSTFIX mail server. How > can i achieve that WITHOUT changing the dns servers to internal (it shoud be > external in the firewall). > > So i feel like, if we can locally set MX which points to Internal Postfix > Mail Server in the firewall, that will do the trick... > > but i dont know whether it is possible or how to do that??? > > > > > > >
