Koozali.org: home of the SME Server
Legacy Forums => Experienced User Forum => Topic started by: Dale Olberding on June 07, 2002, 08:38:52 PM
-
We are about to purchase a new firewall for our company. Currently we use an E-Smith box to allow e-mail access from the web. What I would like to do is place the E=Smith box on the DMZ, the have all e-mail coming into our company or going out of the company go through this E-Smith box. We currently have an Exchange 5.5 mail server. My question is whether or not this is possible? Can you change your MX record to point to the E-Smith box and have it forward all incoming mail to the Exchange box? Then have the Exchange box send all outgoing mail to the E-Smith box and have it send the out the internet. The reason for this is I would like to keep the IP address on the Exchange server private, and just give the E-Smith box a public IP address. Is this possible, or is there a better way to handle this?
Thanks,
Dale
-
Dale,
Intresting, this is also what i'm searching but one difuculti what are you doing then whit your webmail.
Where do you publish this now (on the SME box are exchange whith portforwarding) and how would you use it later (whith SME are...)
I, want als so no Winbox on the outside.
How now's the richt Idee
Greetings
Johan
-
Yes, both things are possible. On the e-smith, you need to set the delegate mail server option in "E-mail retrieval" to the ip of your exchange server. You'll also need to set the exchange server to hand off mail to the e-smith.
However, you seem to be confused regarding public ip's when using a DMZ - if you put the exchange server on the DMZ, by definition it wouldn't have a public ip - only the firewall would be publicly visible. You don't need to change the MX record if the firewall is on the ip that the MX is pointing to, all you'd need to do is to open the pin-hole in the DMZ to point to your designated mail machine.