I'm in the process of setting up a mailing infrastructure on our hosting
platform. We have our own BIND DNS server and a postfix server. The
postfix server is behind a firewall; a public IP is configured on the
public interface of the firewall and is translated to a private IP on
the postfix server (static natting). Outside SMTP servers can connect
on port 25 of the public IP. Multiple domains (customerA.com,
customerB.com, ...), each with an MX record, will be configured on the
BIND server. Each MX record will point to postfix.ourdomain.com.
Postfix.ourdomain.com will point to the public IP. The postfix
server will also run spamassassin. Behind the firewall, multiple
customer mailing systems exist, such as sendmail, exchange....
I want to configure postfix like this:
all mail for @customerA.com needs to go to the ip of the exchange
server of customerA
all mail for @customerB.com needs to go to the ip of the sendmail
server of customerB
....
The customer mail servers can use the postfix server as a mail relay.
The reason I want to point all MX records to our own postfix server
and not directly to the customer mail server is to use fewer public IP
addresses and to provide an antispam/antivirus solution.
How can I configure this?
Thanks in advance

In main.cf:
transport_maps = hash:$config_directory/transport
which will tell postfix to look in the hashed db of transport
(transport.db) for its transports.
Then in "transport":
customerA.com :[internal ip of exchange server]
customerB.com :[internal ip of sendmail]
Then run:
postmap transport && postfix reload
Another option is to set the MX records for these domains to the
internal IP address.
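For example, in customera.com.zone:
        IN MX 10 mail.customera.com. ; MX takes a preference and a host name, not an IP ("mail" is a placeholder)
mail    IN A  192.168.50.10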
If you go this route then you don't need to do anything in postfix, as
it will just send it where bind told it to.
You can set up "views" in bind, so that only your mail server or
internal network will get that MX record. Everything outside of that
view should use the public IP.
It depends where you are more flexible, in bind or postfix. For example,
if you're using LDAP or something else to dynamically update bind, then
it may be easier for you to do it that way. If not, then transport
maps will probably save you more time and headache than setting up
multiple zone files for all your domains.
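
A pre-flight check for the transport table described in the answer above, as an added example that is not part of the original thread. It flags domains that are routed but not listed in relay_domains (transport_maps only routes mail, it does not make Postfix accept it), next hops without [brackets] (Postfix then does an MX lookup on the next hop instead of connecting to it directly), and next hops outside RFC 1918 space. The sample table, the relay_domains set, all addresses and the function name are constructed, and authorising the domains through relay_domains is an assumption about the setup.

```python
import ipaddress
import re

# Constructed sample: a transport table in the answer's format. Addresses and
# the relay_domains set (assumed to mirror main.cf) are placeholders.
TRANSPORT = """\
customerA.com   :[192.168.50.10]
customerB.com   smtp:[192.168.50.11]:25
customerC.com   :mail.customerC.com
customerD.com   :[198.51.100.7]
"""
RELAY_DOMAINS = {"customera.com", "customerb.com", "customerc.com"}

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
ENTRY = re.compile(r"^(\S+)\s+([^:\s]*):(.*)$")      # domain transport:nexthop
NEXTHOP = re.compile(r"^\[([^\]]+)\](?::(\d+))?$")   # [host] or [host]:port


def lint_transport(text, relay_domains):
    """Return (domain, problem) pairs for entries that need attention."""
    findings = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = ENTRY.match(line)
        if not m:
            findings.append((line, "unparseable"))
            continue
        domain, nexthop = m.group(1).lower(), m.group(3).strip()
        # transport_maps only routes; acceptance is decided elsewhere.
        if domain not in relay_domains:
            findings.append((domain, "not in relay_domains"))
        hop = NEXTHOP.match(nexthop)
        if not hop:
            # Without [brackets] Postfix does an MX lookup on the next hop.
            findings.append((domain, "nexthop not bracketed"))
            continue
        try:
            addr = ipaddress.ip_address(hop.group(1))
        except ValueError:
            continue  # bracketed host name: nothing more to check offline
        if not any(addr in net for net in RFC1918):
            findings.append((domain, "nexthop not internal"))
    return findings


if __name__ == "__main__":
    for domain, problem in lint_transport(TRANSPORT, RELAY_DOMAINS):
        print(f"{domain}: {problem}")
```

Pass relay_domains in lower case; the check only understands entries written as `domain transport:nexthop`, the form used in the answer.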