Steffen Kaiser skmimedefang at smail.inf.fh-bonn-rhein-sieg.de
Mon Nov 24 06:42:48 EST 2008

On Mon, 24 Nov 2008, sosogh wrote:

> The backend mail server holds three services:
> 1. SMTP service (serves outbound mail)
> 2. MX service (serves inbound mail)
> 3. POP3 service
> My users' Outlook recognizes that the POP3 server and SMTP server are both
> Outside world recognizes that the mail server of domain backend.com is
>> You could configure the backend server to accept mail from the mail only proxy,
>> that way anybody not honoring your MX records is lost.
> If I do so, any SMTP connection from users' Outlook will be blocked by the backend server.

So, services "1." and "2." are actually the same :) right?

Outbound mails are authenticated, hopefully. So, the backend server 
(single Port 25 for 1. and 2.) accepts any authenticated mail (service 
1.) and any mail from (service 2).

> My users' Outlook must access the backend server, but their IPs are dynamic

Distinguish them by authentication status, not by IP range.

> So I have to set up a "proxy". I set the proxy server in "bridge" mode to make it transparent.
> The network is as follows:
>                   eth0     eth1          eth0
> outside----------->    proxy   ----------> backend
>                    ==bridge==
> I have to redirect any "SMTP to" to using this command on the proxy server:
> /sbin/iptables -t nat -A PREROUTING -p tcp -d --dport 25 -j DNAT --to-destination

If you "redirect" via MX record, your users still use, I guess. 
(Outlook does not honor MX, does it??)

Because non-auth'ed mails are rejected by inbound mails must flow 

>> How do you authenticate your users, with sendmail or postfix?
> Postfix. Because I set this "proxy server" with Postfix and MIMEDefang,
> Postfix verifies valid recipients like this:
> Postfix calls MIMEDefang, MIMEDefang calls the function "md_check_against_smtp_server"

Again: Why do you use different MTAs on backend and proxy?

Is the backend Exchange?

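As an added illustration of the "split by authentication status, not by IP range" advice above (this is not from the thread, and it assumes the backend MTA is Postfix with SASL authentication already working), a main.cf fragment with the address-based setting beside the authentication-based one:

```ini
# Added example, not from the list post. Assumes the backend runs Postfix
# and that SASL (smtpd_sasl_type, smtpd_sasl_path, ...) is already configured.

# Weak: relay permission granted by source address. Dynamic client IPs
# cannot be enumerated, and every host inside a widened range may relay.
# (203.0.113.0/24 is a constructed placeholder range.)
#mynetworks = 127.0.0.0/8, 203.0.113.0/24
#smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination

# Better: one port 25 serving both roles, split by authentication status.
# Authenticated clients (service 1) may relay anywhere; unauthenticated
# senders (service 2) are accepted only for local destinations.
mynetworks = 127.0.0.0/8
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination

# Postfix 2.10 and later also evaluate smtpd_relay_restrictions for relay
# control; keep it consistent with the list above.
smtpd_relay_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination
```

With this in place the proxy does not need to know client addresses at all; an unauthenticated connection that asks to relay off-site is refused regardless of where it comes from.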

