I have a client that has several offices in different physical locations, each with their own hosted email servers in a variety of flavors (postfix, exchange, unix mail). Each location has a different domain. They are closing several locations and want to put all the servers into a single existing data center where they have a single internet connection (1 IP address). They prefer not to consolidate the mail servers at this time.
I am trying to figure out the best way to route the incoming mail traffic (pop and smtp) to the appropriate server.
mail.domain1.com should get routed to 10.10.10.1
mail.domain2.com should get routed to 10.10.10.2
April 9th, 2009, 09:35 AM
You should just have to modify the MX Records (and DNS) to point to the appropriate Domains and Servers..... unless I'm misunderstanding something....
April 9th, 2009, 10:37 AM
Cheap Scotch Ron
If I change all the MX records to all point to the same public IP, how to I route the appropriate mail to the appropriate server? e.g.
We currently poke holes in the router for mail by port forwarding:
ip nat inside source static tcp 10.10.10.6 25 interface Ethernet1 25
ip nat inside source static tcp 10.10.10.6 110 interface Ethernet1 110
but now we would need to route traffic for domainname1.com to one internal IP address
and traffic for domainname2.com to another internal IP address.
I dont know how to do that via cisco IOS.
April 9th, 2009, 11:02 AM
Cheap Scotch Ron
I think I am going to port forward all mail to a server running postfix, then use the postfix /etc/postfix/relay_domains and /etc/postfix/transport config files to route mail to the appropriate server. gotta test it today.
That looks good provided there are no unforeseen issues. I think in Cisco IOS you would do it using DNS views but MX responses usually don't cache correctly from what I recall. Good luck!
April 12th, 2009, 10:33 PM
We have a big email scanning server which does the usual checks antivirus and antispam. It has one internet facing IP and all the other servers sit behind it on a private range. Once scanning process is complete mail is forward to the mail server designated for that domain it works pretty good.