[oclug] [Fwd: RE: Thanks for the help!]

[Strosberg, Bill]

Dave:

There is not enough information here to make informed suggestions.

Q1)	Has he got more than one valid, external IP address available from
his router?
Q2)	Is he attempting to set up a sendmail (choose your MTU) box to relay
"in between" Exchange and the Internet?
Q3)	Is his intention to forward SMTP, POP & IMAP directly to the
Exchange box without putting sendmail in between?

If he has got more than one valid external IP address, then he can set up an
isolated "filter" box that can act as a relaying MTU, keep in mind anything
that connects the public side (Internet) with a private network via two
Ethernet cards is a HUGE hole that must be firewalled.  In all fairness, the
existing firewall can probably handle port forwarding to the Exchange box in
some fashion already.  Boxes inside the router and outside the firewall are
usually referred to as located in a DMZ.  DMZ boxes do not usually connect
directly to the internal network as this defeats the purpose of the
firewall.

Even if he sets a relaying MTU in the DMZ, he'll still have to open ports in
the firewall for  the Exchange box to talk with the relaying MTU in the DMZ.
Having control over the packet filtering on the firewall box is a must, as
he will want to DENY external connections directly to the Exchange box
(which is a VERY good thing!).

There are lots of good sendmail (qmail ...) jockeys out there on the list.
I've personally had David Skoll help me in the past in a similar situation,
can attest to his abilities with sendmail.

As far as the "routing tools" comments about differences between MDK and RH,
there are not any  differences at the /sbin/route level.  Since they are
both RH-based, config files (/etc/sysconfig/network-scripts etc.) are all
the same.  


--
Bill Strosberg
> Hey Gang,
> 
> I have a friend in need here.  Any help would be very 
> appreciated and is
> good for beverage points redeemable after a meeting in the 
> near future.
> 
> Thanks,
> Dave.
> 
> I do have a question:
> 
> I've set-up this new server with 2 network cards.
> One card (eth0) is attached to my router that joins us to our 
> ISP.  The
> other card currently plugs into my switch (inside the firewall.)
> 
> I've currently disabled the internal nic so that I don't have a hole
> around
> the firewall.  What I want to do is set-up this system so 
> that the mail it
> receives from the Internet will pass directly into my exchange server
> (therefore fixing troubles for my MAC guys) and mail internal from the
> Exchange server passed out through my sendmail server.
> 
> I know this involves setting up routing, but I'm not 100% 
> sure how to set
> the routing for these two servers only.  I will eventually set-up this
> Linux
> box as the gateway to the internet, but right now I just want to take
> things
> one step at a time.
> 
> Any suggestions???  I've been reading like crazy about 
> routing and how to
> configure it, but so far the only tools I've been able to 
> read up on are
> under Red Hat and Mandrake Linux doesn't use the same things (except
> LinuxConf-----would that make sense to use??)