Firewall and Multiple IP Addresses

I am seeking advice on the following configuration. We currently have 4 domains that are hosted by a 3rd party ISP (http, email, ftp). This works very well from the perspective of monthly service cost, speed, backups, etc. However, we are now forced to host these on our own servers.

Exchange Server 6.5 will be the email server (please don't beat up on that as it wasn't my decision). HTTP will be on Linux with Apache httpd and Tomcat. Our current firewall is a WatchGuard SOHO 6. Our immediate upstream ISP has given us 3 static IP addresses.

Right now I have configured Exchange to accept email for all domains but only 1 domain has the MX records pointing to our server; all others are still being hosted. Email is being delivered to the Exchange Server so the simplest case does work.

Here are my questions:

1) Will the SOHO 6 work for multiple IP addresses?

2) If so, does each domain need its own unique IP address?

3) If I want to route traffic from domain1.com to internal-server1 and traffic from domain2.com to internal-server2, must the IP addresses be unique or can the SOHO 6 route based on domain? Maybe that should just be left to Apache httpd?

If we need to change our firewall, then please make any suggestions. Thank you for any tips and advice!

-Matt (RattMice)

I'm not going to beat you up for 6.5, but you need to be using 2000 or 2003 in order to get support and security updates.

You need to set up user accounts on the server, then a recipient policy for each domain, then set up aliases for each user so that they have an address in the public domain names. Make sure you set one of the public names as the primary.

Yes, you just need to add them to the External Interface.

No. Each inbound SMTP domain, as long as it goes to the same server that all the domains reside on, can use the same IP for MX and other records.

I have domain1.com and domain2.com with MX records that point to mail.domain1.com and mail.domain2.com, and both mail hosts have A records with the same IP address.

As long as you set up Exchange to handle the domains on the IP you forward inbound to the server, you can have 100+ domains on the same Exchange server (recipient policy domains).

Until you max out the WG for performance reasons, and given that they are limited to X internal IP addresses based on your license, you can use it forever.

While the 6 makes a nice SMALL firewall, you should look into getting a 700x so that you can filter email attachments, http sessions, etc....

-Leythos

I also think it is a single public IP which leads me to believe that I need to upgrade. The question is to what make/model of firewall? I'm not particular to a brand but don't want to spend a fortune, either.

In regards to Leythos' first response, I don't think this addresses reverse DNS lookups accordingly. Some email servers perform the reverse DNS lookup and if I have just 1 IP address for several domains, this will fail for all but one. It looks like the upgrade is inevitable.

-Matt (RattMice)

I thought the SOHO 6 was single IP on the external I/F. All the ones I've got here are.

-Mike

For incoming email it doesn't matter at all.

For outgoing email, if the IP address resolves to a host name and that host name resolves back to the same IP address, and the host name in HELO/EHLO also resolves to the same IP address, then you should be okay.

Unless a site is being overly picky, it shouldn't matter if the HELO/EHLO host name is different from the rDNS host name.

In no circumstances should it matter if the envelope MAIL FROM host or domain name is different from the rDNS or HELO/EHLO.

-Ken
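The DNS layout Leythos describes (several domains whose MX hosts all carry the same A record) and the outbound checks Ken lists (IP to PTR name, PTR name back to the same IP, HELO/EHLO name to the same IP, with the MAIL FROM domain not mattering) can be exercised together against a small constructed DNS table. This is an added example, not code from the thread or from any product mentioned in it; the addresses are RFC 5737 documentation addresses, the zone data is made up, and the resolver is a dict lookup so it runs offline (replace `lookup` with real DNS queries to check a live host).

```python
"""Forward-confirmed rDNS (FCrDNS) and HELO checks over a constructed DNS table.

Added example, not from the thread. Constructed data: two domains, two MX
hostnames, one shared public IP (the firewall's external address) and a
single PTR record that names only one of the two hostnames.
"""
import ipaddress

# Constructed zone data keyed by (owner name, record type).
DNS = {
    ("domain1.com", "MX"): ["mail.domain1.com"],
    ("domain2.com", "MX"): ["mail.domain2.com"],
    ("mail.domain1.com", "A"): ["203.0.113.10"],
    ("mail.domain2.com", "A"): ["203.0.113.10"],
    # The ISP publishes one PTR for the shared address.
    ("10.113.0.203.in-addr.arpa", "PTR"): ["mail.domain1.com"],
    # A host with a valid A record but no PTR at all.
    ("mail.badexample.org", "A"): ["198.51.100.7"],
}


def lookup(name, rtype, table=DNS):
    """Stand-in resolver: returns the rdata list for name/type, or []."""
    return table.get((name.lower().rstrip("."), rtype), [])


def reverse_name(ip):
    """Owner name of the PTR record for an IPv4/IPv6 address."""
    return ipaddress.ip_address(ip).reverse_pointer


def inbound_path(domain, table=DNS):
    """Inbound delivery path for a domain: each MX host and its A records.

    Several domains resolving to the same A record is fine for inbound mail;
    the receiving server sorts them out by recipient domain.
    """
    return {h: lookup(h, "A", table) for h in lookup(domain, "MX", table)}


def fcrdns_ok(ip, table=DNS):
    """ip -> PTR name(s) -> A records must include ip.

    Note that the PTR name does not have to be in the sending domain; one
    PTR per IP is enough for all domains sharing that IP.
    """
    return any(ip in lookup(n, "A", table)
               for n in lookup(reverse_name(ip), "PTR", table))


def helo_ok(helo, ip, table=DNS):
    """HELO/EHLO hostname must resolve to the connecting IP."""
    return ip in lookup(helo, "A", table)


def outbound_verdict(ip, helo, mail_from_domain=None, table=DNS):
    """Judgement a receiving MTA might make about a connection.

    mail_from_domain is accepted only to document that it plays no part in
    the rDNS/HELO checks.
    """
    if not (fcrdns_ok(ip, table) and helo_ok(helo, ip, table)):
        return "suspect"
    ptr_names = [n.lower() for n in lookup(reverse_name(ip), "PTR", table)]
    if helo.lower().rstrip(".") in ptr_names:
        return "accept"
    # FCrDNS and HELO both check out but HELO differs from the PTR name;
    # only an overly picky site would reject this.
    return "accept-if-lenient"


if __name__ == "__main__":
    for d in ("domain1.com", "domain2.com"):
        print(d, "->", inbound_path(d))
    for ip, helo in (("203.0.113.10", "mail.domain1.com"),
                     ("203.0.113.10", "mail.domain2.com"),
                     ("198.51.100.7", "mail.badexample.org")):
        print(ip, helo, "->", outbound_verdict(ip, helo, "anything.example"))
```

The second case is the one Matt worried about: mail.domain2.com shares the IP whose PTR points at mail.domain1.com, yet forward-confirmed rDNS still passes because the PTR name resolves back to the same address. The last case fails only because the address has no PTR at all, which is the situation to fix with the ISP rather than by buying more addresses.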

I thought with version 7 you could add another IP. I could be wrong as I've not used a 6 in a long time, I've got many 6tc units.

-Leythos


I've got our company email server set up with 4 domain names for email; the only time we have email problems is when someone sends HTML.

Our IP resolves to the ISP's name on lookup; we have a block of IPs and they will not change the name to our company name.

We have A/MX records that resolve to our public IP for each domain, it's been painless.

-Leythos

Only one choice really - Watchguard Firebox X

If cost is really a problem then try one of the open source solutions such as IPCOP which will do multiple IPs on the external I/F

Don't send direct. Use your ISP's smarthost.

Upgrade Exchange to 2003 before opening it to the world with an SMTP feed, or put a proxy between it and the world. If I recall correctly there is an unfixed bug which will make it an NDR relay. Nobody should be running anything less than Exchange 2000 when directly connected, in my opinion.

-Mike

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.