Email Server - Port Forwarding
You can use either of the following methods to route email messages to your spam proxy firewall as below;
• Port forwarding is used when a spam proxy firewall is behind a corporate firewall running NAT (Network Address Translation)
• MX records are used when a spam proxy firewall is located in a DMZ with a routable public IP address
If your spam proxy firewall is behind a corporate firewall, you need to setup port redirection (port forwarding) of incoming SMTP traffic (port 25) to the spam proxy firewall.
If your spam proxy firewall is in the DMZ (not protected by your corporate firewall), follow the below guide to route incoming email messages to the server:
How email is routed over the internet
Mail servers send and receive email for and from specified domains.
DNS – is used to identify where email should be delivered. A minimum of two DNS records are used when delivering email.
MX records – Specify which email servers should accept email for each domain
A records – Identifies the IP addresses of each email server.
With the above records specified email can then be routed from email servers to email servers over the internet.
DNS changes required as below
1 Create a DNS entry for your spam firewall.
The following example shows a DNS entry for a spam firewall with a name of firewall and an IP address of 22.214.171.124:
firewall.company.com IN A 126.96.36.199
2 Change your DNS MX Records.
The following example shows the associated MX record with a priority number of 5:
IN MX 5 firewall.company.com
If you are intending to host your own spam firewall and domain, then you would need to register a domain with an ISP, purchase some public IP addresses, and either give a public address directly to the spam firewall itself or use port forwarding via the corporate firewall. If you do have a public address on the corporate firewall and are intending to use port forwarding, then you would not need any more public addresses. You would need to specify the relevant MX and A records via your ISP, usually done via a control panel on the ISP website. This is to tell the world where to route the company's emails destined for that particular domain.
Wikipedia's guide to Port Forwarding