Actually, I was referring to the 1-server setup needing 'voodoo' to get it working in a similar fashion to the current 2-server setup. ;) I don't judge. Everyone can decide for themselves what's the best solution for their case! :D (From a security point of view, I've always taken the stance that as little as possible should be running on the firewall. Especially nothing like Bind or a mail-server. It's only my opinion, though.) Gaby Schilders IBFD network admin -----Original Message----- From: George Vieira [mailto:georgev@xxxxxxxxxxxxxxxxxxxxxx] Sent: donderdag 16 oktober 2003 8:17 To: Gaby Schilders; Carlo Florendo Cc: netfilter list Subject: RE: local DNAT with bind,postfix,and iptables > 1) Postfix trick mentioned by George (and obviously having > only one postfix box instead of two with a voodoo like setup > to compensate... ;-) > hey, that ain't voodoo man.. ;P I use this method to stop people going straight to my internal Microstop Exchange box and forced to go through my postfix box which as a transport file to relay internal but the machine itself.. This enables me to control the mail as well as setup RBL and free antivirus setup using linux... Otherwise just put a smart host entry on your sendmail/postfix/firewall box to use the internal server for relaying out.. but I prefer my transport idea... that's what it was made for... ;P he he Thanks, ____________________________________________ George Vieira Systems Manager georgev@xxxxxxxxxxxxxxxxxxxxxx Citadel Computer Systems Pty Ltd http://www.citadelcomputer.com.au Phone : +61 2 9955 2644 HelpDesk: +61 2 9955 2698 > -----Original Message----- > From: Gaby Schilders [mailto:G.Schilders@xxxxxxxx] > Sent: Thursday, 16 October 2003 4:08 PM > To: Carlo Florendo > Cc: netfilter list > Subject: RE: local DNAT with bind,postfix,and iptables > > > Perhaps I'm out of line here, but there are several ways > leading to Rome, as they say here. >
