efa-project.org


https://forum.efa-project.org/

EFA behind another mail relay (inbound)

https://forum.efa-project.org/viewtopic.php?t=3039

Page 1 of 1

EFA behind another mail relay (inbound)

Posted: 05 Apr 2018 10:52
by p_il_musicante
EDIT
Actually we have in production an eFa appliance ahead of the mail server and behind internet firewall.

See the following scheme

| FW | --> | eFa | --> | Mail Server |

we want to put a new mail relay between firewall and eFa still leaving the original mail server (adding on other hop)

See the following scheme for the new infrastructure

| FW | --> | new mail relay | --> | eFa | --> | Mail Server|

is it needed any change on eFa configuration or it will still work correctly?

Should we expect any issue from the change of the senders IP adresses, from the orignal public IPs to the new mail relay private IP adress?

FYI our eFa configuration doesn't have reverse dns lookup or any kind of check on IP addresses

Re: EFA behind another mail relay (inbound)

Posted: 05 Apr 2018 13:38
by budy
It sure is - this is the way, we are doing it. Just configure your mail gateway correctly to send all messages for it's resp. domains to eFa.

Re: EFA behind another mail relay (inbound)

Posted: 05 Apr 2018 15:01
by p_il_musicante
See the following scheme

| FW | --> | eFa | --> | Mail Server |

we want to put a new mail relay between firewall and eFa still leaving the original mail server (adding on other hop)

See the following scheme for the new infrastructure

| FW | --> | new mail relay | --> | eFa | --> | Mail Server|

is it needed any change on eFa configuration or it will still work correctly?

Should we expect any issue from the change of the senders IP adresses, from the orignal public IPs to the new mail relay private IP adress?

FYI our eFa configuration doesn't have reverse dns lookup or any kind of check on IP addresses

Re: EFA behind another mail relay (inbound)

Posted: 05 Apr 2018 15:12
by pdwalker
Sure, all you have to do is configure EFA to use your new mail gateway as a "smart host". Thus, efa will forward the messages onto the new mail gateway and leave it to the mail gateway to forward the messages for you.

Re: EFA behind another mail relay (inbound)

Posted: 02 May 2018 12:45
by jamerson
Hi We have this configured on a production and it does works fine.

i dont know which FW are you using but it smart to configure a relay in case one of the EFA is down the emails keeps working.
| FW | --> | new mail relay | --> | eFa | --> | Mail Server|

Configure the Mail Server to hand out the emails to the EFA and the new Mail relay.
Configure the EFA to hand out the emails "smarthost" to the new mail relay.
Configure the new mail relay to send out emails using the mx records or ISP SMTP relay.
Configure the Firewall maybe a loadbalancing to forward port 25 to both EFA and new Mail relay.

we have this configure and its great for load balancing.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited