>The problem I'm faced with though is our Firewall
(Sidewinder) blindly
>accepts all incoming mail, then passes it to our mail
gateway (Maia)
>which rejects unknown recipient. So I'm actually
rejecting it after it's
>arrived causing headaches for the Firewall to try &
send back to bogus
>sender address (waits for it to expire - 4 days).
>
>Secure Computing (Sidewinder) says it's our MTA's fault
for bouncing
>the message - it should discard it. Verifying the
recipient on the
>Sidewinder opens a whole new can of worms (tying up the
Firewall, etc).
>
>I've thought about placing the Maia on the outside of
the Firewall, but
>I'm hesitant on leaving it unprotected in the DMZ.
>
>It's a no-win. Either way.
>
>Mike Abraham
>
What OS are you running? I would think you could lock down
the server with
iptables or similar and put it outside the firewall. Or, get
a different
(basic - much simpler - cheap) firewall just for the
mailserver. Something
like a Netscreen NS-005-001 that you could get for about $50
on ebay.
Gary V
____________________________________________________________
_____
Find a local pizza place, movie theater, and more….then map
the best route!
http://maps.live.
com/default.aspx?v=2&ss=yp.bars~yp.pizza~yp.movie%20thea
ter&cp=42.358996~-71.056691&style=r&lvl=13&t
ilt=-90&dir=0&alt=-1000&scene=950607&encType
=1&FORM=MGAC01
_______________________________________________
Maia-users mailing list
Maia-users renaissoft.com
http://www.renaissoft.com/mailman/listinfo/maia-users
|
