Forwarding from Internal DNS server.

Jim Reid jim at rfc1035.com
Tue Feb 1 21:06:28 UTC 2000


>>>>> "Kevin" == Kevin Darcy <kcd at daimlerchrysler.com> writes:

    >  ... earlier discussion about mail routing on an intranet
    > with its own root servers deleted ....
    >
    >> As for mail, you will probably have to configure your internal
    >> mail systems to recognise non-local domain names in addresses
    >> and forward those messages to a smart system which can deliver
    >> them to the outside via the firewalls.

    Kevin> I thought the point of the exercise was to try and send
    Kevin> mail out a "nearby" Internet connection whenever possible;
    Kevin> sending everything to a "smart" system would seem to mostly
    Kevin> defeat that purpose, since by the time the "smart" system
    Kevin> has figured out how best to send out the message, it's
    Kevin> already travelled across the WAN, and might have to travel
    Kevin> even further across it to get to the closest firewall.

True, but that's an implementation detail as would be deciding to
locate the smart mail hub(s) next to the firewall(s). There could be
multiple "smart" mailhubs on the intranet. [Having just one would be a
glaring SPoF.] There are a couple of ways that mail could be routed
between them and the local mail servers. One entails doing Evil Things
(IMHO) to the internal root zone. Another is to configure local mail
systems with some intelligence about the location of these smart mail
hubs and route mail to the "best" hub. Both approaches work. From an
earlier discussion on this topic, readers of this list might recall
that the two of us have opposing views about which of these
approaches is best. :-)


