On 2009-10-02 Augusto Casagrande wrote: > My idea is to put 2 MTA's servers, one in the DMZ and the other in the > LAN. The goal is to get security in the LAN , and only expouse one > server to the internet. Also, i want to "decompress" the traffic , > between the LAN and internet. > So far , i' ve managed to send email from @myfomail.com to > @mydomain.com , and from untrusted (internet) networks to > @mydomain.com. But i cannot send from @mydomain.com to untrusted > (internet) networks ( ie : @yahoo.com, @gmail.com).
What route is your mail supposed to take? Inbound: I-net --> MX --> LAN-MTA DMZ-MTA Outbound: Client --> LAN-MTA --> Smarthost --> I-net DMZ-MTA Which server hosts your users' mailboxes? > My DMZ Postfix postconf -d: [...] > And the LAN Postfix postconf -d : Please post the output of "postconf -n" (-d will report the defaults, which won't help much). Also please refrain from obfuscating things unless you know exactly what you're doing. Regards Ansgar Wiechers -- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq