Having a masq'ing gateway forward mail to a masqueraded host

Post by Emile van Berge » Wed, 14 May 1997 04:00:00



Hello,

I just happened to read Les' response on a post about a masquerading
firewall/gateway that had to forward all mail. Well, I have a very similar
setup:

+----------+      +------------------------------------------+
| Internet |------| Linux ISDN router/Firewall with masq/DNS |  <- adenc.xs4all.nl in the ISP's DNS
+----------+      +------------------------------------------+
                                     |
            |--------------------------------------------------|  <- lan
                |             |              |            |
                |            ...            ...          ...
         +-------------+
         | Mail server |  <- known as alpha.adenc.xs4all.nl in the linux box, not in the outside world *
         +-------------+

*) My ISP's DNS doesn't forward DNS-lookups from the outside world to the
   linux box, i.e. it doesn't define adenc.xs4all.nl as a domain with a
   NS-RR, rather as a host. This means I can't simply define alpha in my DNS
   as the MX and open up the firewall a bit.

I already figured the best way to get internet mail to the mail server is to
have the linux box accept the mail with SMTP (the MX-RR in the ISP's DNS
points to it, after all), and forward it using some sendmail configuration.
The Mail server directly connects to one of the ISP's mailservers' SMTP port,
via the masquerading, this works all ok. (It would be nicer to have the
Linux box forward outbound mail too, using SMTP, though... see 3. below)

So is there some sendmail-config expert out there that knows a config file
that does the following:

1. All mail that arrives directed to adenc.xs4all.nl is forwarded to
   alpha.adenc.xs4all.nl (the above mentioned mail server), _UNLESS_
2. The user to which the mail is directed is a local (real) user at the
   linux box.
3. Forwards everything not in the adenc.xs4all.domain to the appropriate
   SMTP host on the internet. This needs to be batched, so that I can buffer
   everything up to 4 hrs before sendmail starts connecting to alien hosts.

(N.B.: When sendmail starts sending its batch and the connection to the
internet gets up, all inbound mail will also automatically be received,
because my ISP also has batched SMTP. This already works ok).

4. This doesn't need to have all users of the lan defined at the linuxbox.
5. This doesn't need a MX-RR for alpha.adenc.xs4all.nl in my ISP's DNS.
(Remember,

the linux box).

In my DNS, I have defined the linux box as the MX for domain adenc.xs4all.nl.
This should be OK, as sendmail should forward all internal mail to
adenc.xs4all.nl to the alpha-host, unless... (see 2.)

Please, if there's someone out there who knows how to do this, and is
willing to help me set up a config script (I have little knowledge about
sendmail, but I do have experience with TCP/IP, SMTP and DNS in general), I
would appreciate it very much.

Thanks in advance.

Greetings, Emile van Bergen (please send mail (for now) to

to posting to this newsgroup...)
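
One way to express items 1 to 5 of the post above as a sendmail m4 (.mc)
configuration; this is an added example, not part of the original post. It
assumes a sendmail 8.x built from the m4 cf macros, that alpha resolves in the
gateway's own DNS, and that alpha itself accepts mail addressed to
adenc.xs4all.nl.

```m4
divert(-1)
# Added example (not from the original post): sendmail .mc sketch for the
# gateway described above. Host names are the ones given in the post; the
# OSTYPE and the choice of features are assumptions.
divert(0)dnl
OSTYPE(`linux')dnl
dnl
dnl Items 1 and 5: treat adenc.xs4all.nl as a local domain on the gateway
dnl (adds it to class w), so mail for it is accepted here and alpha never
dnl needs an MX record in the ISP's DNS.
LOCAL_DOMAIN(`adenc.xs4all.nl')dnl
dnl
dnl Items 2 and 4: a recipient with a real account (or alias) on the gateway
dnl is delivered locally; every other user name in the local domain is
dnl handed to the internal server, so LAN users need no account here. The
dnl square brackets suppress the MX lookup for alpha.
define(`LUSER_RELAY', `smtp:[alpha.adenc.xs4all.nl]')dnl
dnl
dnl Item 3: queue every message and open no connections (and do no DNS
dnl lookups) at submission time; delivery happens only during a queue run.
define(`confDELIVERY_MODE', `deferred')dnl
dnl
MAILER(`local')dnl
MAILER(`smtp')dnl
dnl
dnl Start the daemon with a four-hour queue interval:
dnl   sendmail -bd -q4h
dnl Caveat: in deferred mode, mail for alpha also waits for the queue run.
```

With this layout the gateway is the only host that has to listen on port 25
toward the internet, and the firewall rules for alpha can stay closed to
inbound connections from outside.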

 
 
 

1. Weird network forwarding/masq'ing question.

         OK, here's the situation.

         I've got two machines one that has a static IP and is
connected to the net 24/7, and the second that can travel, and will
have various ip's as it goes.  What I want is to have the travelling
computer's services available when it is up, But I want to have a firm
location to send people to to access them.

         I figured I'd set things up so that on connect the roaming
computer would email its address every time it came up, and send a
'cease and desist' when it came down.  What I would have is the
ability to go to 'static.host.name:23080' and that would
redirect to 'romers.ip.addr:80' or any other port minus 23000 for
example.

        I've looked at some of the IP Masq'ing stuff, but couldn't
seem to find what I'm looking for.  Is there any simple daemon that I
could put on the port that would redirect the packets?

      Any help is appreciated.  TIA.

--
================================================================  /| |\
    James V. Di Toro III        | "Given enough eyeballs,        / |_| \/\
                                |      all bugs are shallow."   |()\ /  ||
                                |------------------------------ |---0---_|
                                |                                \ / \ /
