> > I'm running a firewall that is placed before the domain, let's say xyz.com
> > The firewall is named gateway and there's also an MX-entry for xyz.com
> > which directs mail to gateway.xyz.com .
> > The problem is, that gateway doesn't seem to accept mail that is directed to
If you want the gateway to receive the email (not relay this email to the
secure network!) you need an additional "cw" entry in your sendmail.cf;
this is done to tell sendmail whose mail domains it really is. If you want
to relay mail, I suggest that you use the mailertable feature, where you
can map domains inside the secure network and the machines responsible
for them. In this case, have a look at the file cf/README in the sendmail
source tree.
I strongly suggest that if you feel the need to hack the sendmail config files,
use the m4 macro compiler (as described in cf/README). It takes a lot of work
until you get a good m4 generated config, but once you get used to it, you
will see that dealing with the m4 is much simpler than with sendmail.cf...
> You probably need an 'M' line (for Masquerade) in your sendmail config
> file (assuming that's what you're using).
I think masquerade is only for outgoing mail, no?
> Alternatively, why not put a rule on the firewall to allow incoming SMTP traffic
> (only) through to the 'proper' mail host? Is there a good reason you want to
> have it relayed by the firewall?
Because you would open a door for mail bombs right through your secure
network! The safer option is to get mail processing in the fw machine, and
if possible doing it safely (receiving mail on a chrooted dir, for
instance). The TIS toolkit has a very good solution for safer mail
receiving, and as far as I know, it is, under certain license conditions,
freely usable.
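
The relay setup described in the reply above, as an added example that is not part of the original post: an m4 master config for the gateway that uses mailertable to hand xyz.com mail to an internal host. It assumes sendmail 8.9 or later, the Linux ostype, maps under /etc/mail, and a hypothetical internal mail host named mailhub.xyz.com.

```m4
divert(-1)
# Added example: gateway.mc for the firewall host, relaying xyz.com inward.
# Assumptions: sendmail 8.9 or later, Linux ostype, maps under /etc/mail,
# and a hypothetical internal mail host named mailhub.xyz.com.
#
# /etc/mail/mailertable source (rebuild the map with makemap hash):
#   xyz.com    smtp:[mailhub.xyz.com]
# The square brackets suppress the MX lookup on the target. Without them
# the gateway would follow the MX for xyz.com, which points back at itself.
divert(0)dnl
OSTYPE(`linux')dnl
FEATURE(`mailertable', `hash -o /etc/mail/mailertable')dnl
dnl Permit relaying for this one domain (8.9 and later deny relaying by default).
RELAY_DOMAIN(`xyz.com')dnl
dnl Do NOT put xyz.com in class w in this setup: class w means deliver
dnl locally, and mailertable is only consulted for domains outside class w.
dnl To receive on the gateway instead, drop the mailertable entry and add:
dnl   LOCAL_CONFIG
dnl   Cwxyz.com
MAILER(`local')dnl
MAILER(`smtp')dnl
```

The sendmail.cf is generated from the cf/cf directory of the source tree with `m4 ../m4/cf.m4 gateway.mc > sendmail.cf`.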