Re: [Exim] Putting EXIM in Front Of Exchange

Top Page
Delete this message
Reply to this message
Author: Dave C.
Date:  
To: Glen Mehn
CC: andrew, exim-users
Subject: Re: [Exim] Putting EXIM in Front Of Exchange
On Tue, 23 Jul 2002, Glen Mehn wrote:

> Andy Thomas wrote:
>
> >This is a multi-part message in MIME format.
> >--
> >[ Picked text/plain from multipart/alternative ]
> >I am very interested in learning the best case practices of putting and EXIM
> >mail server in front of a M$ exchange server to serve as a intermediary to
> >do for Exchange what it cannot do for itself...
> >
> >Issues of Specific Interest are:
> >
> >REVERSE DNS LOOKUP
> >RBL , ORBS, CHECKING
> >pluses are SPAM BLOCKING (SPAM ASSASIN like TOOLS) and ANTI-VIRUS Tools
> >
> >Most of our M$ exchange sites are installed as follows...
> >
> >192.168.1.1 is the Internet Router (Linux Redhat 7.2 using Iptables for
> >firewall) We plan to install EXIM 3.x on these boxes to server as
> >go-betweens....
> >
> >the Internal Exchange Servers are 192.168.1.5 on all LANS... (both Exchange
> >5.5 and 2000)
> >
> >I would like to hear some comments or suggestions or reference sites to
> >making this a reality.
> >
> >
> >
> Hi Andy:
>
> There's lots of ways you can do this with exim. IIRC (I haven't run
> exchange in ~4 years, but I've worked with exchange admins in the
> meantime) there's no 'fetchmail' option to exchange.


the way fetchmail works sucks anyway, but so does exchange.. Ugh..

> What I've done successfully is to setup a double-DNS section.
> Publically, you have
>
>    IN    MX    5    exim.yourhost.com.
>     IN    MX    10    exchange.yourhost.com.

>
> (the reason exchange is on there is for failover-- the exchange machine
> will receive mail if exim ever goes down, just that spam/virus/etc will
> get through-- your risk, of course)
>
> Then, you make your intranet DNS servers route mail like this:
>
>     IN    MX    5    exchange.yourhost.com.
>     IN    MX    10    exim.yourhost.com.



Ugh. My god why? Just use a domainlist(exim3) or manualroute(exim4)
router to tell the exim box where to deliver mail.. You shouldnt list
internal servers in a public DNS at all.

>
> That way, incoming mails will hit the exim host first, then will route
> to the exchange host.
>
> Again, you can (and I recommend) do this without exposing the exchange
> boxes to the internet-- if you put the exim boxes in your DMZ, you can
> have your exchange boxes on your intranet.
>
> You could also make an exim server with courier-imap, ldap, and some
> shared calendaring software and get rid of exchange altogether :>
>
> -g
>
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##
>
>