I am planning to do the following:

I want to install a mailserver behind a firewall that does NAT. And I
dont want to put the mailserver in the DMZ cause it also acts as
fileserver and much more internal stuff.

I just want to setup a portforward from the firewall to port 25 on the
internal mailserver, which is fairly easy and should do the trick.

When I then setup sendmail so its showing the proper name (that relates
to the public IP of the firewall) in its greeting-dialog, then
everything should be fine, or do I miss something very important here?

i) can I configure sendmail, so it announces as a different name than
the local hostname ?? (mailserver.local does not look so good in the
sendmail greeting-dialog and it will not resolve to the public IP)

ii) Is my setup more likely to be my outgoing emails (my sendmail also
acts as smtp-server for the other machines in the LAN) marked as spam by
other mailservers ??? imho the setup should be quite straight and
outside computers shouldnt even notice that sendmail is running
somewhere inside beside one additional header that has a private IP.

iii) Is there something else that I miss? I dont ask in the
network-forum, cause the technical part is quite clear to me. Question
is only if I miss something vital on the effects to sendmail or how
other see my emails. I setup quite a few sendmails, but always as
standalone, or in a DMZ or directely on the firewall, but never on a
server which is completely behind the firewall.

thnx a lot,
peter

peter pilsl <pilsl@goldfisch.at> wrote:
> I just want to setup a portforward from the firewall to port 25 on the
> internal mailserver, which is fairly easy and should do the trick.

Yes.

> i) can I configure sendmail, so it announces as a different name than
> the local hostname ?? (mailserver.local does not look so good in the
> sendmail greeting-dialog and it will not resolve to the public IP)

Yes. For example by specifying:
define(`confDOMAIN_NAME', `your.fqdn.here')

> ii) Is my setup more likely to be my outgoing emails (my sendmail also
> acts as smtp-server for the other machines in the LAN) marked as spam by
> other mailservers ??? imho the setup should be quite straight and
> outside computers shouldnt even notice that sendmail is running
> somewhere inside beside one additional header that has a private IP.

Depends on the IP-range you are coming from. If it looks like a dynamic-pool
the answer is "Yes".

> iii) Is there something else that I miss? I dont ask in the
> network-forum, cause the technical part is quite clear to me. Question
> is only if I miss something vital on the effects to sendmail or how
> other see my emails. I setup quite a few sendmails, but always as
> standalone, or in a DMZ or directely on the firewall, but never on a
> server which is completely behind the firewall.

You my also consider incoming ident-requests ('reject', not drop them
at the NAT-BOX, or forward them inwards also); you may also think about
the outgoing ident-request because the IP/Port tuples don't match anymore
when you are not using 1:1 NAT.

cu
Clemens.
--
/"\ http://czauner.onlineloop.com/
\ / ASCII RIBBON CAMPAIGN
X AGAINST HTML MAIL
/ \ AND POSTINGS