Re: Secure Delivery between MTA and MDA
Just setup Postfix as an MTA on your MDA server with TLS enabled.
This may seem complicated, however it can be fairly simple.
You can have all email scanned/relayed through a gateway mail-server.
The internal MTA can be firewalled to prevent other connections from using it.
Additionally only dns and trasport modifcatinion need to be messed with, I think.
Here is a working example :)
MX record:
imap2:/var/imap# host -t mx someplace.com
--------------------------------
someplace.com MX 3 ruby.someplace.com
someplace.com MX 2 espresso.someplace.com
Internal MDA runs postfix as a MTA:
--------------------------------
imap2:cat /etc/postfix/transport
--------------------------------
imap.someplace.com local:[imap.someplace.com]
someplace.com local:[imap.someplace.com]
* :[smtp.someplace.com]
External MTA runs Postfix also:
--------------------------------
cat /etc/postf/transport
someplace.com smtp:[imap.someplace.com]
imap.someplace.com smtp:[imap.someplace.com]
* Note, you could also use NFS, but email messages might be lost if the connection is lost.
On 15/10/04 11:20 +1300, Simon Buchanan wrote:
> We are setting up mail services to service a small ISP (-2000 Mail
> boxes) using postfix and DBmail, which we have configured and working
> well. The MTA (postfix with spam/virus) sits on a pairing exchange
> (along with a web server)... we are connected to the Internet from the
> pairing exchange via a 100Mbit connection. From the exchange to our NOC
> is a 5Mbit pipe. The MDA (postfix/DBMail) sits in off our NOC.
>
> What i want to do is setup some sort of secure transfer between the MTA
> and MDA. In theory the only traffic that is comming into the MDA is
> correctly filtered mail.. Outgoing is a different story and not an issue
> here.
>
> The MDA is sitting in its own DMZ behind a Borderware firewall.
>
> Suggesions for/against/other are welcome (please!)....
>
> Regards,
>
> Simon
>
>
> --
> To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
>
--
------------------------------------------
Ted Knab
Chester, Maryland 21619 USA
------------------------------------------
The perception of knowledge is an egotistical farce in which
primates extrapolate an understanding of human existance.
Existance itself is transient state that passes upon death. Like
material gain, the knowledge gained in life is completely useless
at the time of death. Not even the knowlege of death itself will save you.
Thus, enjoy your transient existance for death is believed to be
hastily approaching.
-- an unknown smartass
Reply to: