Date:      Fri, 18 Dec 1998 02:36:25 +1300 (NZDT)
From:      Andrew McNaughton <andrew@squiz.co.nz>
To:        Frank Terhaar-Yonkers <fty@cisco.com>
Cc:        tups@novobcs.ee, freebsd-isp@FreeBSD.ORG
Subject:   RE: smtp "polling" thru a firewall
Message-ID:  <Pine.BSF.4.05.9812180215190.12626-100000@aniwa.sky>
In-Reply-To: <199812171257.HAA24958@claret.cisco.com>


This is not what ETRN does.  ETRN allows you to trigger an immediate queue
run on the remote server, but the mail is not going to get sent to you via
the existing connection. If you can't alias or proxy an external port
through to your internal mail server then you can't in general use smtp.

There are of course ways to set up tunnels, such that you open a
connection out to a machine which tunnels inbound connections in, but this
probably is not consistent with the security policies you're trying to
work with.

Perhaps you could use uucp?  I don't know much about this.  It's mostly
before my time.  I seem to remember seeing it suggested for this sort of
situation though.

Be wary of approaches based on pop/procmail.  You'll probably find someone
who suggests it if you look around, but because it uses the mail headers
rather than the SMTP envelope it behaves incorrectly.  eg most mailing
lists, including the freebsd ones, do not have the recipient addresses in
the headers.

Andrew McNaughton




On Thu, 17 Dec 1998, Frank Terhaar-Yonkers wrote:

> I understand.  But in my case I cannot do the MXing on the firewall
> machine.  It's a "political" decision.  So, the only way to get mail
> into the machine inside the FW is to open a socket connection from
> inside, which then allows two way communication with an smtp server
> anywhere on the outside.
> 
> thanks - Frank
> 
>  >> I've a situation where a domain sits behind a firewall.  I'd 
>  >> like to set
>  >> up a "polling" situation so the mail server inside the FW can 
>  >> grab mail
>  >> from the MX'd server outside the firewall.  It appears that 
>  >> "fetchmail"
>  >> may do this with newer sendmails that are configured to use 
>  >> ESMTP.  The
>  >> other problem is the IP # that the inside server has will be dynamic
>  >> (assigned by the firewall) WRT the outside.  It seems this will cause
>  >> validation problems as there will be no DNS mapping.
>  >
>  >In our Company, MS Exchange server stands inside behind FBSD firewall.
>  >FBSD machine is MX for our domain, and its /etc/mailertable has entry:
>  >
>  >novobcs.ee		smtp:[exchange.novobcs.ee]
>  >
>  >exchange.novobcs.ee is declared by dns as IP for our inside exchange machine
>  >It may be 192.168.x.x or whatever
>  >
>  >If anyone sends email for our domain, it will be first sent to firewall
>  >which is MX , and then firewall will send it directly to inside machine
>  >
>  >
> 
> 
> \\\\////\\\\////\\\\\////\\\\\////\\\\////\\\\////\\\\////\\\\////\\\\////\\\\
> Frank Terhaar-Yonkers
> Cisco Systems, Inc.
> TISU/NSITE
> 7025 Kit Creek Road  PO Box 14987
> Research Triangle Park,  North Carolina  27709
> fty@cisco.com   voice(919)472-2101 fx(919)472-5600
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-isp" in the body of the message
> 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
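
Added example, not part of the original message: a sketch of the header-versus-envelope problem described in the pop/procmail paragraph above. It compares the local recipients recovered from the To/Cc headers with the SMTP envelope recipients, and goes slightly beyond the mailing-list case in the text by also covering Bcc and duplicate delivery. The domain `example.org`, all addresses, and the sample messages are constructed for illustration.

```python
from email import message_from_string
from email.utils import getaddresses

LOCAL_DOMAIN = "example.org"  # hypothetical domain behind the firewall

# Constructed samples: name -> (envelope RCPT TO seen by the outside MX, raw message)
SAMPLES = {
    "direct": (["frank@example.org"],
               "From: alice@example.net\nTo: frank@example.org\n\nbody\n"),
    # List post: the header names the list, not the subscriber.
    "list": (["frank@example.org"],
             "From: bob@example.com\nTo: freebsd-isp@FreeBSD.ORG\n\nbody\n"),
    # Bcc: the recipient never appears in any header.
    "bcc": (["frank@example.org"],
            "From: carol@example.net\nTo: dave@example.net\n\nbody\n"),
    # Frank's copy of a message that also names gina in Cc; gina's own copy
    # sits in the same mailbox, so header routing delivers to her twice.
    "cc_other": (["frank@example.org"],
                 "From: erin@example.net\nTo: frank@example.org\n"
                 "Cc: gina@example.org\n\nbody\n"),
}

def _local(addrs, domain):
    """Lower-case, de-duplicate and keep only addresses in the local domain."""
    suffix = "@" + domain.lower()
    return sorted({a.lower() for a in addrs if a.lower().endswith(suffix)})

def header_recipients(raw, domain=LOCAL_DOMAIN):
    """What a pop/procmail style redelivery sees: To and Cc headers only."""
    msg = message_from_string(raw)
    fields = msg.get_all("To", []) + msg.get_all("Cc", [])
    return _local([addr for _, addr in getaddresses(fields)], domain)

def envelope_recipients(rcpts, domain=LOCAL_DOMAIN):
    """What SMTP delivery uses: the RCPT TO addresses of the transaction."""
    return _local(rcpts, domain)

def compare(samples=SAMPLES):
    """Per sample, list recipients the header method misses or wrongly adds."""
    report = {}
    for name, (rcpts, raw) in samples.items():
        want = set(envelope_recipients(rcpts))
        got = set(header_recipients(raw))
        report[name] = {"missed": sorted(want - got), "extra": sorted(got - want)}
    return report

if __name__ == "__main__":
    for name, diff in compare().items():
        print(name, diff)
```
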


