Great Circle Associates Firewalls
(February 1998) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: SGi Gauntlet and E-Mail
From: Kris Nolan <kris @ netx . net>
Date: Mon, 09 Feb 1998 02:30:06 -0800
To: Firewalls @ GreatCircle . COM
Cc: andreass @ zenon . logos . cy . net 
> Date: Mon, 09 Feb 1998 07:34:21 +0200
> From: Andreas Stylianou <andreass @
 zenon .
 logos .
 cy .
 net>
> Subject: SGi Gauntlet and E-Mail
> 
> We currently operate our e-mail by using Netscape's E-Mail Servse which resides "behind" an SGi Gauntlet V.3.2.
> The problem that we have is the following:
> 
> A user with the following email client  configuration:
> 
> SMTP <host>.<domain>.com
> POP3  <host>.<domain>.com
> USER ID <userid>@<subdomain>.<domain>.com
> 
> sends an email to any user on the Internet.
> i.e From: <userid>@<subdomain>.<domain>.com
>      To:      <userid2>@sgi.com
> 
> The gauntlet firewall accepts the mail and forwards  it into  the
> "trusted"
> network.......email server.

First, I don't think messages coming from an internal machine should
firt go to the firewall and then to the internal email server and then
back to the firewall.  All internal machines should send their mail
directly to the internal mail server, which should deliver mails
addressed to accounts on the local domain directly, and forward mails
addressed to the outside world to the firewall.


> The trusted email server opens an SMTP connection with the firewall and
> the firewall opens an SMTP connection with the destination host......................  that is where the striping of the subdomain occurs.
> That is at the recipient's side the "from" field shows:
> <userid>@<domain>.com (the subdomain is lost)\

It's pretty standard that people like to have subdomains stripped, so I
think Gauntlet's sendmail's default is to take them out.  However, in
the Gauntlet I've worked on (version 3.1 for IRIX running on IRIX 6.2)
there are specific entry fields in the admin GUI form to type in
subdomains that you don't want to have stripped off - it's on the
'Sendmail Configuration' GUI admin page.  You just graphically add all
the subdomains you want recognized.

kris

-- 
. . . Californians were like most Americans:  cold-blooded community
killers, ready to administer the coup de grace to merchants who had
sponsored decades of Little League teams and high-school yearbooks in
order to shave some pennies off a tube of Colgate.
						Thurston Clarke
Indexed By Date Previous: (Fwd) Re: Differences
From: "Elfed T. Weaver" <weaver @ hydra . dra . hmg . gb>
Next: firewall
From: rdixon @ NCAnet . com (Randy Dixon)
Indexed By Thread Previous: Re: SGi Gauntlet and E-Mail
From: Scot Reed <sreed @ xnet . com>
Next: [no subject]
From: Manoj Arvind <manoj @ crlbel . ernet . in>
Google
 
Search Internet Search www.greatcircle.com