On Fri, 22 Dec 2000 22:55:49 +0100, Michael Steiner writes: >Robert Waldner wrote: >> >> On Fri, 22 Dec 2000 16:24:16 +0100, Michael Steiner writes: >> <snip> >> >> Well, the quickfix would be a virtusertable containing something like >> [EMAIL PROTECTED] [EMAIL PROTECTED] >> for each&every user. >> >snip > >This is what I'm doing here at my home configuration, but for the office >it was my horor-vision. I thought I could do it in the simple way like: > >[EMAIL PROTECTED] $1 or [EMAIL PROTECTED] > ^^ ^ > - whatever the correct syntax would be > >When I tried to change our network-config in office I learned that does >not work. Sendmail rejected all incoming mails. Exchange didn't send out >mails because it didn't find the official.domain.
http://www.sendmail.org/virtual-hosting.html the virtusertable should look like: @yourdomain.com [EMAIL PROTECTED] now the exchange needs to feel responisble for othercompany.com. I strongly suggest to also use the sendmail for outgoing mail, so define it as smarthost (dunno how this feature´s called with exchange) and get sendmail to hide it from the world, eg via MASQUERADE_AS(official.domain) (and, maybe, FEATURE(`masquerade_envelope') ). now it only has to relay for the exchange: /etc/mail/relay-domains: internal.name.of.exchange RELAY and et voila, it should be done. my sendmail knowledge ends here, if I got something wrong, some guru please correct me ;-) I also recall seeing a thread about exactly this situation sometime this year in <news:at.linux> so you might want to search deja.com for it (at.linux, eg german spoken only there ;-) ). >One additional question I have to you, because I'm running a local >name-server. (bind) with 2 master-zones set. One for the DMZ and one for >the internal zone. >In my understanding it should not be necessary, but to be shure - Do I >have to set additional entries in my master-zone files like MX records ? if you´re primare NS for official.domain: yes. first MX (eg lower precedence) should point to the sendmail (to the DNS-name with the official IP-address), second one to your ISPs mail-backup. internal it shouldn´t be necessary, just make sure that your internal names&addresses aren´t accessible for the outside world, eg use an access-list like acl noexternal { 192.168.0.0/16; 127.0.0.0/8; 10.0.0.0/8; !0/0; }; zone "intern.waldner.priv.at" { type master; file "master/intern.waldner.priv.at"; allow-query { noexternal; }; }; >So 2nd chance to change the system in office with the long version of >vitualusertable will be 2nd January. (after holidays) good luck ;-) ! cheers, &rw -- / Ing. Robert Waldner | Network Engineer | T: +43 1 89933 F: x533 \ \ <[EMAIL PROTECTED]> | KPNQwest/AT | Diefenbachg. 35, A-1150 /
