Email server in DMZ, RT in LAN?

Basic question about how to configure things:

Our email server is running in our DMZ. RT is installed behind our
firewall. To funnel a message to "help@mydomain.com" to
RequestTracker, do I have to permit DMZ->LAN traffic on port 25 between
these two hosts (I’d rather not)? Or am I missing something basic?

TIA,
Carrie Coy

ccoy.vcf (198 Bytes)

Meant to send this to the whole list, also – in case anybody else was trying
to do the same thing.Subject: Re: [rt-users] Email server in DMZ, RT in LAN ???
Date: Mon, 5 Nov 2001 17:33:17 -0500
From: Justis Peters justis@opennms.org
To: Carrie Coy ccoy@ssww.com

We worked around this by using fetchmail. All the mailboxes for RT are
aliased to one “holding” account on our email server. Then, fetchmail
(running as a daemon) goes out and retrieves all the email. Once it gets it,
it delivers it directly to procmail. We have custom procmail rules setup to
trigger the rt-mailgate application.

You could probably have fetchmail deliver straight to sendmail, postfix, etc.
That way you could still use the aliasing the way it is described in the
installation docs. We chose to use procmail, however, because it allowed us
to get rid of sendmail.

If you need a copy of the fetchmail and procmail configs, let me know and
I’ll pass them on. Good luck!

Justis Peters
justis@opennms.org