Chapter 5: Configuring Mail Routing

5.5 Scenario 4: Working With a Firewall

Many organizations use firewalls to protect their networks from outside invasion. These firewalls typically come in two distinct flavors:

• Packet-filtering hardware system that monitors connections to internal servers.
  
  
• Software-based proxy servers that accept and deliver mail on behalf of the internal systems, but do not allow direct SMTP connections between the inside and outside worlds.
  

If your organization uses a packet-filtering firewall that does not implement an SMTP proxy server, then you can skip this section. The standard Unoverica Message Transport installation should work with no difficulty with this type of product.

If however your organization uses an SMTP proxy server, then you may need to configure additional parts of your network in order for mail to flow correctly. You will likely need to take the following steps in order for Unoverica Message Transport to work with the SMTP proxy server effectively:

1. Determine whether your network will be connected to the Internet on a full-time or on-demand basis, or if you will be using your Internet Service Provider for mail services. Implement the architectures described in sections 5.2 Scenario 1: Routing Mail for a Domain or 5.3 Scenario 2: Routing Mail Through an External Site, as appropriate.
   
   
2. If you will be connected to the Internet directly, then you may need to add MX records to your DNS server that identify which of the systems should intercept in-bound mail. Some firewalls give a higher MX preference to the internal mail server over the firewall, allowing the latter to intercept mail and then forward it on to the destination. Meanwhile, some SMTP firewalls do not use MX records for mail routing, but instead publish themselves as the sole destination for mail, and then use internally-defined rules to rewrite the mail headers before delivering it to the destination mail servers. Check with the documentation for your firewall to determine the appropriate course of action.
   
   
3. You will likely need to configure your system to relay all out-bound mail to the firewall for delivery to external mail systems. Instructions on how to do this are provided in section 5.3.1 Forwarding All Out-Bound Mail to a Relay Host.
   

STEP: To learn more about some of Unoverica Message Transport’s advanced configuration options, go to Chapter 6: Advanced Configuration Options.

Copyright 1997 Unoverica Corporation, All Rights Reserved page
Send comments to docs@unoverica.com