|
Title: mailserver behind EFW, not getting emails unless I enable SNAT Post by: bangsters on Saturday 25 July 2009, 06:53:45 am I have installed mailenable behind our EFW. If I turn on SNAT in port forwarding, we get the emails. Although we get all emails even junk mails because the firewall IP is in the whitelist and since SNAT is checked, all incoming mail shows as coming from our firewall IP.
If I disable SNAT, non of the emails sent from sendmail (same subnet) go through.....as in none, no junk, no valid email, we cannot even telnet to port 25 of the supposed IP address of the mailserver. Any idea why? Only thing I changed was the SNAT check box in port forwarding. Example: 192.168.1.10 is the IP of mailenable server. 192.168.1.11 is the ip of linux webserver box. if I send an email from 192.168.1.11 (via php mail) to an email address hosted in 192.168.1.10, it does not get delivered. If I send an email from .11 (via php mail) to any public mailserver outside firewall it gets delivered. if I send email from outside mailserver (via php mail) to .11 it also gets delivered. but if it is from .11 or any server inside the same firewall it does now go through. Any suggestions? Thanks Title: Re: mailserver behind EFW, not getting emails unless I enable SNAT Post by: TheEricHarris on Sunday 26 July 2009, 04:58:25 am I would strongly suggest using the SMTP proxy built into ENDIAN. At a minimal, run the blacklists to block 90% of your inbound SPAM. I also use SA to filter out spam before it hits my Exchange server. This also means that port 25 from the outside world is not directly open on your mail server!
Title: Re: mailserver behind EFW, not getting emails unless I enable SNAT Post by: bangsters on Monday 27 July 2009, 03:44:50 pm I'm not sure how to use the proxy settings of EFW, is there a manual on how to configure? From observation in the EFW control panel, it seems that I need to point each domain to a specific mailserver?
Can't it work such that it just proxies port 25, filters the spam, then forwards to the designated IP? Or do I really need to specify where each domain goes? What if I have multiple mailservers and hundreds of domains hosted in each of the mailservers? Or did I understood it wrong on how to use the proxy settings in EFW? Title: Re: mailserver behind EFW, not getting emails unless I enable SNAT Post by: TheEricHarris on Wednesday 29 July 2009, 12:22:51 am Yes, you need to add each domain and point it to the correct mail server.
Title: Re: mailserver behind EFW, not getting emails unless I enable SNAT Post by: bangsters on Thursday 30 July 2009, 08:49:57 am Thanks. Curious, if I enable mail proxy and filter, and I don't put in the domains, what will happen to the mail traffic directed towards my mailservers (port 25 traffic)?? Will they vanish or will they get ignored by the EFW proxy settings?
Title: Re: mailserver behind EFW, not getting emails unless I enable SNAT Post by: vlongjvc on Friday 23 October 2009, 06:18:08 pm Hi, I am using EFW 2.2, I have an issue with Mailserver behind SMTP proxy, users from the Internet is required authentication when attempt to send e-mail to Mailserver, it seems EFW cannot do that, is there any one have experience with this issue. ;)
|