Routing email to different servers based on domain name.

Unanswered Question
Apr 15th, 2009
User Badges:

Hi All,

Is it possible to deliver email for 2 different domain names to 2 different internal servers?

For example, the emails for companya.co.uk and companyb.com are both delivered from the same mail filtering company and are received on the same external interface of the ASA but need to be delivered to different mail servers internally.

I susspect that I need to do some type of SMTP inspection but have no idea how to achieve this.


Thanks,

John.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
roshan.maskey Wed, 04/15/2009 - 17:50
User Badges:

Hi John,


It is possible to deliver two different domain emails to two different internal servers.


For example, the Public IP address for companya.co.uk=A.A.A.A and for companyb.com=B.B.B.B, the respective private address of the servers be P.P.P.A and P.P.P.B.


In ASA do the static nat for the servers

static (inside,outside) A.A.A.A P.P.P.A

static (inside,outside) B.B.B.B P.P.P.B


So, whenever email for companya.co.uk arrives it will be sent to inside P.P.P.A


Note: This configuration is made on assumption that you have internal Email Server for companya.co.uk and companyb.com

johnverdon Thu, 04/16/2009 - 09:55
User Badges:

Hi Roshan,

Will this work if both the mail domains are received from the the same source? i.e. the mx records for both companya.co.uk and companyb.com are set to Messagelabs for spam and virus filtering, Messagelabs then deliver the mail directly to the public interface of the ASA and so will appear to have come from the same place, and is delivered to the same interface.


Regards,

John.

AxiomConsulting Thu, 04/16/2009 - 11:43
User Badges:

John,


I've run something similar in the past.

As long at the static NATs are in place and Messagelabs know which public IP to forward to, (per domain) then you're good to go.

As an extra (and you may have already done this) but it may be worth while locking down your ACLs to allow only MessageLabs to communicate with your email servers on port 25.


Steve

Actions

This Discussion