Re: [Exim] Putting EXIM in Front Of Exchange

Top Page
Delete this message
Reply to this message
Author: Glen Mehn
Date:  
To: andrew
CC: exim-users
Subject: Re: [Exim] Putting EXIM in Front Of Exchange
Andy Thomas wrote:

>This is a multi-part message in MIME format.
>--
>[ Picked text/plain from multipart/alternative ]
>I am very interested in learning the best case practices of putting and EXIM
>mail server in front of a M$ exchange server to serve as a intermediary to
>do for Exchange what it cannot do for itself...
>
>Issues of Specific Interest are:
>
>REVERSE DNS LOOKUP
>RBL , ORBS, CHECKING
>pluses are SPAM BLOCKING (SPAM ASSASIN like TOOLS) and ANTI-VIRUS Tools
>
>Most of our M$ exchange sites are installed as follows...
>
>192.168.1.1 is the Internet Router (Linux Redhat 7.2 using Iptables for
>firewall) We plan to install EXIM 3.x on these boxes to server as
>go-betweens....
>
>the Internal Exchange Servers are 192.168.1.5 on all LANS... (both Exchange
>5.5 and 2000)
>
>I would like to hear some comments or suggestions or reference sites to
>making this a reality.
>
>
>

Hi Andy:

There's lots of ways you can do this with exim. IIRC (I haven't run
exchange in ~4 years, but I've worked with exchange admins in the
meantime) there's no 'fetchmail' option to exchange.

What I've done successfully is to setup a double-DNS section.
Publically, you have

   IN    MX    5    exim.yourhost.com.
    IN    MX    10    exchange.yourhost.com.


(the reason exchange is on there is for failover-- the exchange machine
will receive mail if exim ever goes down, just that spam/virus/etc will
get through-- your risk, of course)

Then, you make your intranet DNS servers route mail like this:

    IN    MX    5    exchange.yourhost.com.
    IN    MX    10    exim.yourhost.com.


That way, incoming mails will hit the exim host first, then will route
to the exchange host.

Again, you can (and I recommend) do this without exposing the exchange
boxes to the internet-- if you put the exim boxes in your DMZ, you can
have your exchange boxes on your intranet.

You could also make an exim server with courier-imap, ldap, and some
shared calendaring software and get rid of exchange altogether :>

-g