[an error occurred while processing this directive]
Posted: 3 Mar 2004
I am adding a NetMail Server to a school environment that has an existing GroupWise Server that services the school staff. In addition, there is a GWGuardian Server located in the DMZ that relays all outgoing and incoming mail to and from GroupWise. I want the new NetMail server to be able to send directly to GroupWise and GroupWise to be able to send directly to NetMail without having to be relayed through the GWGuardian box. The reason is the time lag created by the extra step of going through the relay and also the additional traffic. Below you will find a diagram of the current configuration.
Since NetMail already has Virus Scanning built in, I'm not worried about NetMail sending or receiving viruses. If someone were to send an email from GroupWise to NetMail that contained a virus, it would not be delivered. I'm also not concerned about Spam from GroupWise to NetMail or vice versa. But, I do want all email coming from the Internet to be scanned for both SPAM and AntiVirus.
My real world DNS server points my primary domain and all of my subdomains to GWGuardian's IPADDRESS. When mail comes in from the Internet, GWGuardian makes the decision based upon the routes set up whether to send the mail to GroupWise or to NetMail. NetMail sends Internet mail directly from NetMail and is not relayed through GWGuardian. GroupWise sends all Internet mail through GWGuardian. But, GWGuardian and GroupWise send directly to each other.
After you have your fake DNS working, type inetcfg at the terminal prompt on your NetMail Server. Scroll down and select protocols. Then select TCP/IP. Next scroll down and select DNS Resolver Configuration. Make sure the Domain Name shows your primary domain name. In the name server 1 box, enter your fake DNS Server's ip address. In the name server 2 box, enter your primary DNS server's ip address. And if you want, you can enter another backup DNS server's ip address in the last box. Hit escape then exit out of inetcfg. At this point you will need to reboot your NetMail Server.
After NetMail reboots, open NWAdmin from the NetMail Server. Edit the SMPT Object under your NetMail Server context which should be located in the Internet services container. Make sure you have your primary domain listed under Global Domains. In my case I also needed to make sure that all of my sub-domains were also listed.
The Options tab should be set up as shown in the screen capture below, with nothing in the Mail Relay Host [Forwarder] box.
On the UBE Relaying tab of the SMTP object, make sure you have the option "Only allow remote sending for authenticated senders" checked. Without this you are open to unauthorized mail relay and almost certainly will be put on a black list.
Now, simply reload NetMail using the IMS command.