Here is the setup I am trying to do:
Have a mail server behind a firewall. The firewall port-forwards incoming SMTP to the mail server. For the sake of example:
mail server:
mail.domain.com
192.168.0.2
firewall
fire.domain.com
111.222.333.444 external interface
192.168.0.1 internal interface
My first question concerns the MX record. Should I have:
IN MX 0 mail.domain.com
mail IN A 111.222.333.444
so that the DNS name is the actual mail server behind the firewall but the IP is the address that SMTP is port-forwarded from?
(This is currently what I have now and it works in terms of mail working for the mail server behind the firewall).
My problem now is that I cannot get mail to work correctly on the firewall itself. When it sends what should be local mail to unqualified recipients (such as administrative notifications to root) it does a DNS lookup and freaks out with a message "R=lookuphost defer (-1): remote host address is the local host LOG: 0 MAIN Frozen"
I am using Exim v.3 (Debian stable branch). Below are some relevant lines from exim.conf:
qualify_domain = fire.domain.com (changing this to localhost or anything else has no effect)
local_domains = localhost:fire.domain.com
host_lookup = * (commenting this out seemed to have no effect)
# TRANSPORTS CONFIGURATION
local_delivery:
driver = appendfile
group = mail
mode = 0660
mode_fail_narrower = false
envelope_to_add = true
return_path_add = true
file = /var/spool/mail/${local_part}
# ROUTERS CONFIGURATION
lookuphost:
driver = lookuphost
transport = remote_smtp
In /etc/email-addresses I put the following, thinking that it would cause unqualified mail to me and root to be recognized as local but it did not help:
me: me@???
root: root@???
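
A simplified model of the routing decision behind the quoted log line, as an added example that is not part of the original post and not Exim's own code. It uses the example names and addresses from the post, plus a constructed example.org entry, and assumes the lookuphost router's handling of a self-reference is left at its default (freeze).

```python
# Simplified model of Exim's domain routing; not Exim source code.
# Names and addresses are the example values from the post (not real IPs).
LOCAL_DOMAINS = {"localhost", "fire.domain.com"}             # local_domains
QUALIFY_DOMAIN = "fire.domain.com"                           # qualify_domain
LOCAL_IPS = {"127.0.0.1", "192.168.0.1", "111.222.333.444"}  # firewall interfaces

# Constructed DNS data: the post's records plus one unrelated remote domain.
MX = {"domain.com": [(0, "mail.domain.com")],
      "example.org": [(10, "mx.example.org")]}
A = {"mail.domain.com": "111.222.333.444",   # port-forwarded external address
     "mx.example.org": "192.0.2.25"}


def route(recipient):
    """Return (decision, detail) for one recipient address."""
    local_part, _, domain = recipient.partition("@")
    domain = (domain or QUALIFY_DOMAIN).lower()   # qualify bare local parts
    if domain in LOCAL_DOMAINS:
        return ("local", local_part)              # handled by local_delivery

    # lookuphost: MX records first, falling back to an address record.
    hosts = sorted(MX.get(domain, [(0, domain)] if domain in A else []))
    if not hosts:
        return ("fail", "no MX or address record")

    # If one of the hosts is this machine, drop it and every host with an
    # equal or higher preference value (less preferred).
    for pref, name in hosts:
        if A.get(name) in LOCAL_IPS:
            hosts = [h for h in hosts if h[0] < pref]
            if not hosts:
                # Assumed default handling (self = freeze): defer and freeze.
                return ("frozen", "remote host address is the local host")
            break
    return ("remote", [name for _, name in hosts])


if __name__ == "__main__":
    for rcpt in ("root", "root@fire.domain.com", "root@domain.com",
                 "user@example.org"):
        print(f"{rcpt:24} -> {route(rcpt)}")
```

In this model only addresses whose domain is listed in local_domains reach local_delivery; any address in domain.com is routed through the MX record, which resolves to the firewall's own external interface.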