Welcome, Guest. Please login or register.
Did you miss your activation email?
Saturday 21 December 2024, 05:20:03 pm

Login with username, password and session length

The Latest Endian Firewall is now available for download HERE
14262 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  EFW SMTP, HTTP, SIP, FTP Proxy Support
| | |-+  SMTP Proxy Active vs Transparent
0 Members and 0 Guests are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: SMTP Proxy Active vs Transparent  (Read 14568 times)
kilimanj99
Full Member
***
Offline Offline

Posts: 13


« on: Monday 03 October 2011, 02:38:37 am »

Can someone please explain something to me, I cant seem to find any documentation on this.

I understand that Transparent should mean that all mean is intercepted and run through the proxy withought any additional configurations needed by the clients right?

So my question is, what is active? What configuration settings are needed for this to work?

Here's what I am seeing:
GREEN - Transparent, RED - Inactive - mail passes both ways no problem
GREEN - Transparent, RED - Active - Inbound mail works but outbound does not (Why would you want RED active? to prevent random people from trying to relay off you?)

GREEN - Active, RED - Active or Inactive - mail passes both ways no problem

In all these scenerios it does not appear mail is being marked as SPAM when it should be. I set the spam filter to mark and pass with a score of 0, so I thought that would mean mark everything but nothing gets marked. So I put it up to 1, still nothing, and I know some are SPAM's. What am I missing to get my mail marked as *** SPAM ***Huh?

Also, is it possible to prevent external sources from trying to relay? I can see they try but it fails/denied by my mail server, but I'd like to prevent the try too.

Thanks
Logged
kilimanj99
Full Member
***
Offline Offline

Posts: 13


« Reply #1 on: Tuesday 04 October 2011, 01:43:06 am »

Found this thread thought it might help. I think it may be leading me to the right track but I still can't get it working. Basically I do/did have a port forward in the firewall from RED to my exchange server and an incoming allow rule of port 25 from RED to my exchange server. I disabled both of these firewall rules and can still telnet to port 25 so the SMTP proxy appears to be stepping in to take the port traffic, however mail never made it to my exchange mail server. I have spam set to pass so it shouldnt have been quarantined. I also tried every combination of Active, Inactive, Transparent for both RED and GREEN, I am unclear how these should look. Seems Active - Active works best. I have my domains and mail server listed in the incoming domains section.

www efwsupport com/index.php?topic=307.0

Logged
kilimanj99
Full Member
***
Offline Offline

Posts: 13


« Reply #2 on: Tuesday 04 October 2011, 07:58:42 am »

ok, after a few hours of playing around I think I figured this all out.

1. Active just means that it will respond to port 25, whereas tranparent will just inspect the packets and intercept. So for inbound you need RED as active because Endian will become the new mail relay for your internal servers. For outbound if GREEN is active the internal mail server just sends the mail out normally, whereas if its transparent, the Endian box intercepts, does what it needs to, then sends it out.

So what I had to do was the following:
1. Disable my PAT on port 25 to my internal mail server
2. Disable my inbound FW rule on port 25 to my mail server
3. Make sure all my internal domains were in the accepted list
4. Lastly uncheck the 4 checkboxes under advanced looking for Helo and FQDN etc. I'll recheck these 1 by 1 to see which I can keep but my mail was failing with this on.

So now that I have it working - time to play around with the settings to lock it down a little tighter.
Logged
kilimanj99
Full Member
***
Offline Offline

Posts: 13


« Reply #3 on: Tuesday 04 October 2011, 07:59:06 am »

oops, accidentally posted twice... <deleted>
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.063 seconds with 19 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com