On Tue, Dec 12, 2000 at 02:08:29AM +0100, Thomas Haberland wrote:
> The two questions are:
>
> - Intranet mail relaying should keep working, but how do I seperate relaying
> of Intranet mails to [location].myintranet.dom and outside to the Internet
> for all other mails?
That depends on a number of factors.
1. Can these internal mail systems connect to the internet directly
(perhaps via a NAT)?
2. Is your internal DNS setup such that queries about non local
domains are answered correctly?
If the answer is "yes" to both questions, then qmail will work without
any special configuration.
If the answer is "no" to either question, then you need to add a
special smtproutes entry such that mail to your domain use the DNS
while all other mails are forwarded to your "Internet Mail
Gateway". The man page for qmail-remote discusses this very
requirement, but using your sample domain, the smtproutes file would
have:
.myintranet.dom:
:Internet-gateway.myintranet.dom
What this means is that all mail address to .myintranet.dom will use
the name server to resolve the MX and anything else will be
unconditionally forwarded to Internet-gateway.myintranet.dom which is
meant to be the name of your Internet Mail Gateway, which I assume is
in your internal DNS.
> The Internet mail gateway has a different IP address.
I'm not sure what the significant of that statement is. A different IP
address from what exactly? As long as it's in your internal DNS and as
long as it's reachable by your internal qmail servers, then it's not a
problem.
> - is it possible to grant access to use the Internet mail gateway (relay) for
> specific users or user groups? How?
No. You'd have to write code to do this. It's sort of possible if you
can identify users by IP address and thus redirect them to different
instances of qmail, but there is no general nor easy mechanism.
Regards.
