Overriding MX records to internal gateways

Pedro Espinoza raindoctor at gmail.com
Mon May 5 14:49:39 UTC 2008 

On Sat, May 3, 2008 at 11:47 AM, Josh Smith <juicewvu at gmail.com> wrote:
> Why not just configure your MTA to use your internal gateway(s) as smart hosts?

I asked this question, because my shop has this setup; and I am trying
to understand how they set up. Here is the sample dig results, for
google.com A, MX, NS

# dig @a.b.example.com google.com ns

; <<>> DiG 9.3.2 <<>> @a.b.example.com google.com ns
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3595
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;google.com.                    IN      NS

;; AUTHORITY SECTION:
com.                    1800    IN      NS      abc200.a.example.com.
com.                    1800    IN      NS      abc201.a.example.com.



# dig @a.b.example.com google.com a

; <<>> DiG 9.3.2 <<>> @a.b.example.com google.com a
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3193
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;google.com.                    IN      A

;; ANSWER SECTION:
google.com.             19      IN      A       72.14.207.99
google.com.             19      IN      A       64.233.187.99
google.com.             19      IN      A       64.233.167.99



# dig @a.b.example.com google.com mx

; <<>> DiG 9.3.2 <<>> @a.b.example.com google.com mx
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18239
;; flags: qr rd; QUERY: 1, ANSWER: 4, AUTHORITY: 2, ADDITIONAL: 6

;; QUESTION SECTION:
;google.com.                    IN      MX

;; ANSWER SECTION:
google.com.             1800    IN      MX      6 relay1.example.com.
google.com.             1800    IN      MX      6 relay2.example.com.







>  Thanks,
>  Josh
>
>
>
>  On Fri, May 2, 2008 at 3:56 PM, Kevin Darcy <kcd at chrysler.com> wrote:
>  >
>  > Pedro Espinoza wrote:
>  >  > Gurus:
>  >  >
>  >  > is it possible with BIND to replace authoritative MX records with
>  >  > internal gateways, so that the MTA can route the email to internal
>  >  > gateways? Of course, sendmail/postfix provides a solution to do that.
>  >  > But I am looking at DNS level, as follows:
>  >  >
>  >  >
>  >  >
>  >  > ;; QUESTION SECTION:
>  >  > ;gmail.com.                     IN      MX
>  >  >
>  >  > ;; ANSWER SECTION:
>  >  > gmail.com.              870     IN      MX      10 localrelay1.example.com.
>  >  > gmail.com.              870     IN      MX      50 localrelay2.example.com
>  >  >
>  >  >
>  >  You'd have to have a "private" version of the whole gmail.com zone.
>  >
>  >
>  >  -Kevin
>  >
>  >
>  >
>
>
>
>  --
>  Josh Smith
>  email/jabber: juicewvu at gmail.com
>  phone: 304.237.9369(c)
>
>  () ascii ribbon campaign - against html e-mail
>  /\ www.asciiribbon.org - against proprietary attachments
>
>

More information about the bind-users mailing list