1

Topic: Multiple Domains, Multiple iRedMail Server, same DMZ subnet

As of now this is my setup
Multiple Domains, Multiple iRedMail Server, same DMZ subnet
The problem is that the servers can receive and send emails to
any external servers except that the servers inside the subnet
cannot exchange mail with each other; it says connection timeout.

Is my setup not possible?

Thanks

2

Re: Multiple Domains, Multiple iRedMail Server, same DMZ subnet

You should post the related mail log from both servers.

3

Re: Multiple Domains, Multiple iRedMail Server, same DMZ subnet

afaquino wrote:

As of now this is my setup
Multiple Domains, Multiple iRedMail Server, same DMZ subnet
The problem is that the servers can receive and send emails to
any external servers except that the servers inside the subnet
cannot exchange mail with each other; it says connection timeout.

Is my setup not possible?

Thanks

I have the same problem, but I tracked it down to be a bug in Endian Firewall (bug 1151): Green to Green access through Red Portforwarding.

Are you using Endian Firewall too?

4

Re: Multiple Domains, Multiple iRedMail Server, same DMZ subnet

afaquino wrote:

As of now this is my setup
Multiple Domains, Multiple iRedMail Server, same DMZ subnet
The problem is that the servers can receive and send emails to
any external servers except that the servers inside the subnet
cannot exchange mail with each other; it says connection timeout.

Is my setup not possible?

Thanks

As I explained in my previous reply, I had the same problem.
It is a firewall problem (not only Endian Firewall but a lot of other firewalls have the same difficulty making DMZ->DMZ work through a NAT on their public interface, even a lot of Cisco cannot do it) and not an iRedMail one.

I've solved it like this:
Edit (or create) the file /etc/postfix/transport on all the servers you need
and write (according to your domains and configuration):

example.org   smtp:[YOUR_DMZ_IP]
example.com   smtp:[YOUR_OTHER_DMZ_IP]

and so on for all the domains you need to redirect to your internal IPs.

Restart Postfix with
/etc/init.d/postfix restart

and you're done. It works.

PS: On all the DMZ servers I've also added the whole internal class, for example 192.168.0.0/24, to $mynetworks in /etc/postfix/main.cf.

Hope it helps,

Alberto
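
The transport entries and the $mynetworks change described in the post above can be checked before Postfix is restarted. The following is an added example, not code from the original poster or from iRedMail: it lints static transport entries and counts how many addresses a $mynetworks value trusts beyond the mail servers themselves (clients in $mynetworks are normally allowed to relay). The sample addresses and the function names are assumptions for illustration; IPv4 values and one entry per line are assumed.

```python
import ipaddress
import re

# Constructed sample input: domains as in the post, addresses are placeholders.
SAMPLE_TRANSPORT = """\
# /etc/postfix/transport
example.org   smtp:[192.168.0.11]
example.com   smtp: 192.168.0.12
example.net   smtp:[203.0.113.25]
"""
NEXTHOP = re.compile(r"(\[?)([^\]\s]+?)\]?(?::\d+)?")  # [host], host, optional :port

def lint_transport(text, dmz):
    """Return (domain, problem) pairs for static transport entries (IPv4 assumed)."""
    dmz, problems = ipaddress.ip_network(dmz), []
    for line in text.splitlines():
        parts = line.split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue  # blank line or comment
        if len(parts) != 2:
            problems.append((parts[0], "no transport:nexthop result"))
            continue
        domain, result = parts
        raw = result.partition(":")[2]  # text after "smtp:"
        if raw != raw.strip():
            problems.append((domain, "whitespace inside transport:nexthop"))
        m = NEXTHOP.fullmatch(raw.strip())
        try:
            ip = ipaddress.ip_address(m.group(2)) if m else None
        except ValueError:
            ip = None
        if ip is None:
            problems.append((domain, "next hop is not an IP literal"))
            continue
        if not m.group(1):
            problems.append((domain, "IP next hop not in [brackets]"))
        if ip not in dmz:
            problems.append((domain, "next hop outside the DMZ subnet"))
    return problems

def extra_trusted(mynetworks, peers):
    """Count non-loopback addresses in mynetworks that are not known mail peers."""
    nets = [ipaddress.ip_network(n) for n in mynetworks.replace(",", " ").split()]
    nets = [n for n in nets if not n.is_loopback]
    covered = {p for p in map(ipaddress.ip_address, peers) if any(p in n for n in nets)}
    return sum(n.num_addresses for n in nets) - len(covered)

if __name__ == "__main__":
    for domain, problem in lint_transport(SAMPLE_TRANSPORT, "192.168.0.0/24"):
        print(f"{domain}: {problem}")
    print(extra_trusted("127.0.0.0/8 192.168.0.0/24", ["192.168.0.11", "192.168.0.12"]))
```

If the file is referenced as a hash: table in transport_maps, Postfix reads the compiled .db file, so run postmap /etc/postfix/transport after editing it. Listing only the peer mail servers in $mynetworks (for example as /32 entries) brings the second figure down to 0.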