In our environment, the outside DNS resolver points its MX record for our
domain to our outside firewall interface. Using the Raptor NT SMTP "wizard",
you'll create the rule that allows SMTP to flow through to your mail server
behind the firewall. This is the preferred method via proxy... else you could
(but not recommended) setup a local tunnel w/filters to pass SMTP
"transparently" directly to your mail server behind the firewall.
--------KANSAS DEPARTMENT OF HEALTH & ENVIRONMENT---------
---------------WWW.STATE.KS.US/PUBLIC/KDHE----------------
--------------Landon State Office Building----------------
------------------Phone (913) 296-5643--------------------
*** Forwarding note from I1106407--IBMMAIL 07/30/97 12:43 ***
Date: Wed, 30 Jul 1997 09:53:11 -0400
From: Michael J Yelland <myelland @
ferc .
fed .
us>
To: Firewalls @
GreatCircle .
COM
Subject: MX records
We recently installed a Raptor Eagle NT firewall, and as such is mangles
dns functioning in that it seems impossible to find out what is really
supposed to be pointing to what. Real named was so much easier...
Our MX machine is inside the firewall of course but are the MX records
supposed to point to the real MX machine or the firewall ?
ferc2 is the f/w but ferc3 is our inside mx machine.
>Default Server: ferc2.ferc.fed.us
>Address: 208.207.43.2
>
>> set type=any
>> ferc.fed.us
>Server: ferc2.ferc.fed.us
>Address: 208.207.43.2
>
>ferc.fed.us MX preference = 10, mail exchanger = ferc.fed.us
>ferc.fed.us internet address = 208.207.43.2
>ferc.fed.us nameserver = auth02.ns.uu.net
>ferc.fed.us nameserver = ferc2.ferc.fed.us
>ferc.fed.us
> primary name server = ferc2.ferc.fed.us
> responsible mail addr = root.ferc.fed.us
> serial = 970714125
> refresh = 43200 (12 hours)
> retry = 3600 (1 hour)
> expire = 2678400 (31 days)
> default TTL = 3600 (1 hour)
>
---- End of mail text
Additional SMTP headers from original mail item follow:
Received: from relay4.UU.NET by ibmmail.COM (IBM VM SMTP V2R3) with TCP;
Wed, 30 Jul 97 12:43:36 EDT
Received: from honor.greatcircle.com by relay4.UU.NET with ESMTP
(peer crosschecked as: honor.greatcircle.com [198.102.244.44])
id QQdalm00347; Wed, 30 Jul 1997 12:40:19 -0400 (EDT)
Received: (majordom @
localhost) by honor.greatcircle.com (8.8.5/Honor-Lists-9703
08-1) id GAA26019 for firewalls-outgoing; Wed, 30 Jul 1997 06:56:11 -0700 (PDT)
Received: from ferc2.ferc.fed.us (ferc2.ferc.fed.us [208.207.43.2]) by honor.gr
eatcircle.com (8.8.5/Honor-970427-1) with SMTP id GAA25921 for <Firewalls @
Great
Circle.COM>; Wed, 30 Jul 1997 06:55:47 -0700 (PDT)
Received: from ferc1.ferc.fed.us by ferc2.ferc.fed.us
via smtpd (for honor.greatcircle.com [198.102.244.44]) with SMTP; 30
Jul 1997 13:50:48 UT
Received: from mjycdsi ([205.130.8.15]) by ferc1.ferc.fed.us (8.6.9/8.6.9) with
SMTP id RAA12257 for <Firewalls @
GreatCircle .
COM>; Wed, 30 Jul 1997 17:40:18 -0
400
Message-ID: <33DF472B .
3563 @
ferc .
fed .
us>
Reply-To: myelland @
ferc .
fed .
us
Organization: FERC
X-Mailer: Mozilla 3.0 (WinNT; I)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: firewalls-owner @
GreatCircle .
COM
Precedence: bulk
|
|
