[WBEL-users] SendMail Gateway

Karanbir Singh mail-lists@karan.org
Thu, 01 Jul 2004 17:16:13 +0100 

Hi Simone,

I handle such situations via DNS. The issue comes up due to the redirect 
headers from the internal web severs ( that run the OWA ) reporting 
internal URL's which are passed through the proxy to the outside world, 
and these URL's are not accessible from the outside world.

Here is what I would do to resolve this situation :

Configure my internatl servers to work as mail-1.mydomain.com, 
mail-2.mydomain.com and mail-3.mydomain.com. Then setup on my internal 
DNS :
mail-1.mydomain.com pointing to 192.168.0.1
mail-2.mydomain.com pointing to 192.168.0.2
mail-3.mydomain.com pointing to 192.168.0.3

 From the External ( real internet dns ) I would have mail-1 setup to 
point to the world / global IP and have mail-2 and mail-3 as CNames to 
the mail-1 address.

That way irrespective of which URL / Server is used : the Internet users 
will only connect to your proxy machine ( which only needs 1 Global IP 
to work with ), while the proxy machine will know which machine to 
connect to on the inside based on the hostname.

You will however, need to setup your OWA / Exchange / Internal Webserver 
that hosts the web interface to work with and report on a real domain ( 
like http://mail-1.mydomain.com ) rather than internal machine name :( 
like http://mail/ )

This does work, I have more than 15 installations where this works well, 
for internal and external users. This also ensures that people on the 
inside and outside the network use the same URL to get to their Email.

There are atleast 3 other ways to achieve the same result, but this is 
what I work with - its very reliable and has an extremely low failure rate.

Hope this helps!

- K

Simone wrote:
> Hi,
> tried reverse proxy, it works till I get the authentication page, then I 
> get a "Cannot find server". It looks like the proxy is working fine, but 
> it cannot reverse the page generated by the Exchange server. The page is 
> for ex. http://mail.server/exchange and there I get the login prompt. If 
> I authenticate directly on this page (not through apache), then the page 
> name doesn't change, but the main frame information gives me 
> http://mail/server/exchange/username/Inbox/?Cmd=contents. I think since 
> the page name is not changed apache can't load the Inbox.
> Maybe I'm completely wrong, and I'll certainly google to find an answer, 
> but if anyone has a suggestion it would be very appreciated.
> 
> Thanks, have a nice day
> Simone
> 
> 
> At 13:43 28/06/2004, Johnny Hughes wrote:
> 
>> On Mon, 2004-06-28 at 05:28, Karanbir Singh wrote:
>>
>> I was also thinking that Outlook Web Access could work ... but you 
>> would either need to setup 3 IPs to point into the network to each 
>> server (not very secure) in the firewall ... or do reverse proxying of 
>> the all 3 servers from one external server.
>>
>> here is an article reverse proxy using apache:
>> http://www.apacheweek.com/features/reverseproxies
>>
>>
>>
>>
>>Johnny Hughes
>>
>>HughesJR.com <http://www.hughesjr.com>
>>
>>
>>
> 
> 
> 
> ----
> Email.it, the professional e-mail, gratis per te:clicca= qui 
> <3Dhttp://www.email.it/cgi-bin/start?sid=3D3>
> 
> Sponsor:
> ...Occhiali da sole? Da vista? Lenti a contatto?
> Vieni a provare la conv= enienza su Occhialeria.it!
> Clicca qui <3Dhttp://adv.email.it/cgi-bin/foclick.cgi?mid=3D881&d=3D30-6>
> qui
> 

-- 
Karanbir Singh

http://www.karan.org/
ICQ : 2522219 - Yahoo IM : z00dax
GnuPG Public Key : http://www.karan.org/publickey.asc