-
April 8th, 2009, 08:32 PM
#1
mail routing question
I have a client that has several offices in different physical locations, each with their own hosted email servers in a variety of flavors (postfix, exchange, unix mail). Each location has a different domain. They are closing several locations and want to put all the servers into a single existing data center where they have a single internet connection (1 IP address). They prefer not to consolidate the mail servers at this time.
I am trying to figure out the best way to route the incoming mail traffic (pop and smtp) to the appropriate server.
e.g.
mail.domain1.com should get routed to 10.10.10.1
mail.domain2.com should get routed to 10.10.10.2
Suggestions?
In God We Trust....Everything else we backup.
-
April 9th, 2009, 08:35 AM
#2
You should just have to modify the MX Records (and DNS) to point to the appropriate Domains and Servers..... unless I'm misunderstanding something....
"It is a shame that stupidity is not painful" - Anton LaVey
-
April 9th, 2009, 09:37 AM
#3
If I change all the MX records to all point to the same public IP, how to I route the appropriate mail to the appropriate server? e.g.
We currently poke holes in the router for mail by port forwarding:
ip nat inside source static tcp 10.10.10.6 25 interface Ethernet1 25
ip nat inside source static tcp 10.10.10.6 110 interface Ethernet1 110
but now we would need to route traffic for domainname1.com to one internal IP address
and traffic for domainname2.com to another internal IP address.
I dont know how to do that via cisco IOS.
In God We Trust....Everything else we backup.
-
April 9th, 2009, 10:02 AM
#4
I think I am going to port forward all mail to a server running postfix, then use the postfix /etc/postfix/relay_domains and /etc/postfix/transport config files to route mail to the appropriate server. gotta test it today.
e.g.
/etc/postfix/relay_domains
domainname1.com
domainname2.com
/etc/postfix/transport
domainname1.com smtp:[10.1.1.50]
domainname2.com smtp:[10.1.1.51]
In God We Trust....Everything else we backup.
-
April 9th, 2009, 08:47 PM
#5
That looks good provided there are no unforeseen issues. I think in Cisco IOS you would do it using DNS views but MX responses usually don't cache correctly from what I recall. Good luck!
"It is a shame that stupidity is not painful" - Anton LaVey
-
April 12th, 2009, 09:33 PM
#6
We have a big email scanning server which does the usual checks antivirus and antispam. It has one internet facing IP and all the other servers sit behind it on a private range. Once scanning process is complete mail is forward to the mail server designated for that domain it works pretty good.
----------------------------------------------------------------------------------------------------------
"If I'd asked my customers what they wanted, they'd have said a faster horse." ~ Henry Ford
Similar Threads
-
By XTC46 in forum Site Feedback/Questions/Suggestions
Replies: 15
Last Post: August 24th, 2005, 07:52 PM
-
By Negative in forum The Security Tutorials Forum
Replies: 12
Last Post: June 2nd, 2004, 01:09 AM
-
By Simo in forum Miscellaneous Security Discussions
Replies: 7
Last Post: October 28th, 2003, 03:47 PM
-
By hot_guy in forum AntiOnline's General Chit Chat
Replies: 1
Last Post: August 8th, 2003, 12:44 PM
-
By smirc in forum AntiOnline's General Chit Chat
Replies: 3
Last Post: May 13th, 2002, 03:24 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|