Re: Configuration of local mailserver behind linux firewall - HELP!

[Robert Varga <robi@piros.zold.net>]

On Mon, 6 Mar 2000 doug@dupreeinc.com wrote:

> Hello,
> 
> I have a linux (2.2.X kernel) box that I am using as a firewall between
> my internal network and our new ADSL modem.  I am currently working on
> configuring the ipchains on the linux box to protect my internal
> systems.
> 
> Question: My internal mailserver is currently running on a HP-UX C3000
> which
> is behind the firewall (IP: 192.168.XXX.XXX).  I need to configure my
> linux firewall to pass the SMTP transmissions to and from my server.
> 
> What is the best way of doing this?

a: Just forward tcp port 25 on the firewall to the mail server.

b: setup a mail proxy on the firewall, that accepts incoming mail from
outside and forwards it to the internal mailserver. if you want to, you
can also direct outgoing mail from the internal mailserver through this
mail proxy. relaying on the proxy should be enabled for the internal
mailserver only. 
This is the cleaner solution since you don't have to make any firewall
rules for this. However you must not have any user to which mail is
delivered on the firewall. The mail proxy must be only a proxy. And choose
a safe MTA for te firewall, I suggest qmail.

With qmail questions in Debian, write to the Debian-Qmail list at
qmail@planetsites.com .

Robert Varga