Overriding MX records to internal gateways
Pedro Espinoza
raindoctor at gmail.com
Mon May 5 14:49:39 UTC 2008
On Sat, May 3, 2008 at 11:47 AM, Josh Smith <juicewvu at gmail.com> wrote:
> Why not just configure your MTA to use your internal gateway(s) as smart hosts?
I asked this question, because my shop has this setup; and I am trying
to understand how they set up. Here is the sample dig results, for
google.com A, MX, NS
# dig @a.b.example.com google.com ns
; <<>> DiG 9.3.2 <<>> @a.b.example.com google.com ns
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3595
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;google.com. IN NS
;; AUTHORITY SECTION:
com. 1800 IN NS abc200.a.example.com.
com. 1800 IN NS abc201.a.example.com.
# dig @a.b.example.com google.com a
; <<>> DiG 9.3.2 <<>> @a.b.example.com google.com a
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3193
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 19 IN A 72.14.207.99
google.com. 19 IN A 64.233.187.99
google.com. 19 IN A 64.233.167.99
# dig @a.b.example.com google.com mx
; <<>> DiG 9.3.2 <<>> @a.b.example.com google.com mx
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18239
;; flags: qr rd; QUERY: 1, ANSWER: 4, AUTHORITY: 2, ADDITIONAL: 6
;; QUESTION SECTION:
;google.com. IN MX
;; ANSWER SECTION:
google.com. 1800 IN MX 6 relay1.example.com.
google.com. 1800 IN MX 6 relay2.example.com.
> Thanks,
> Josh
>
>
>
> On Fri, May 2, 2008 at 3:56 PM, Kevin Darcy <kcd at chrysler.com> wrote:
> >
> > Pedro Espinoza wrote:
> > > Gurus:
> > >
> > > is it possible with BIND to replace authoritative MX records with
> > > internal gateways, so that the MTA can route the email to internal
> > > gateways? Of course, sendmail/postfix provides a solution to do that.
> > > But I am looking at DNS level, as follows:
> > >
> > >
> > >
> > > ;; QUESTION SECTION:
> > > ;gmail.com. IN MX
> > >
> > > ;; ANSWER SECTION:
> > > gmail.com. 870 IN MX 10 localrelay1.example.com.
> > > gmail.com. 870 IN MX 50 localrelay2.example.com
> > >
> > >
> > You'd have to have a "private" version of the whole gmail.com zone.
> >
> >
> > -Kevin
> >
> >
> >
>
>
>
> --
> Josh Smith
> email/jabber: juicewvu at gmail.com
> phone: 304.237.9369(c)
>
> () ascii ribbon campaign - against html e-mail
> /\ www.asciiribbon.org - against proprietary attachments
>
>
More information about the bind-users
mailing list