Welcome, Guest. Please login or register.
Did you miss your activation email?
Tuesday 25 January 2022, 03:35:53 am

Login with username, password and session length

The Latest Endian Firewall is now available for download HERE
14143 Posts in 4323 Topics by 6270 Members
Latest Member: luizcarlosnery
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  General Support
| | |-+  mailserver behind EFW, not getting emails unless I enable SNAT
0 Members and 0 Guests are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: mailserver behind EFW, not getting emails unless I enable SNAT  (Read 12176 times)
bangsters
Full Member
***
Offline Offline

Posts: 34


« on: Saturday 25 July 2009, 06:53:45 am »

I have installed mailenable behind our EFW.  If I turn on SNAT in port forwarding, we get the emails.  Although we get all emails even junk mails because the firewall IP is in the whitelist and since SNAT is checked, all incoming mail shows as coming from our firewall IP. 

If I disable SNAT, non of the emails sent from sendmail (same subnet) go through.....as in none, no junk, no valid email, we cannot even telnet to port 25 of the supposed IP address of the mailserver.  Any idea why?  Only thing I changed was the SNAT check box in port forwarding. 

Example:  192.168.1.10 is the IP of mailenable server. 192.168.1.11 is the ip of linux webserver box.  if I send an email from 192.168.1.11 (via php mail) to an email address hosted in 192.168.1.10, it does not get delivered.  If I send an email from .11 (via php mail) to any public mailserver outside firewall it gets delivered.  if I send email from outside mailserver (via php mail) to .11 it also gets delivered.  but if it is from .11 or any server inside the same firewall it does now go through.

Any suggestions?

Thanks

Logged
TheEricHarris
Full Member
***
Offline Offline

Posts: 86


« Reply #1 on: Sunday 26 July 2009, 04:58:25 am »

I would strongly suggest using the SMTP proxy built into ENDIAN.  At a minimal, run the blacklists to block 90% of your inbound SPAM.  I also use SA to filter out spam before it hits my Exchange server.  This also means that port 25 from the outside world is not directly open on your mail server!
Logged
bangsters
Full Member
***
Offline Offline

Posts: 34


« Reply #2 on: Monday 27 July 2009, 03:44:50 pm »

I'm not sure how to use the proxy settings of EFW, is there a manual on how to configure?  From observation in the EFW control panel, it seems that I need to point each domain to a specific mailserver? 

Can't it work such that it just proxies port 25, filters the spam, then forwards to the designated IP?  Or do I really need to specify where each domain goes?  What if I have multiple mailservers and hundreds of domains hosted in each of the mailservers?  Or did I understood it wrong on how to use the proxy settings in EFW?
Logged
TheEricHarris
Full Member
***
Offline Offline

Posts: 86


« Reply #3 on: Wednesday 29 July 2009, 12:22:51 am »

Yes, you need to add each domain and point it to the correct mail server. 
Logged
bangsters
Full Member
***
Offline Offline

Posts: 34


« Reply #4 on: Thursday 30 July 2009, 08:49:57 am »

Thanks.  Curious, if I enable mail proxy and filter, and I don't put in the domains, what will happen to the mail traffic directed towards my mailservers (port 25 traffic)??  Will they vanish or will they get ignored by the EFW proxy settings?
Logged
vlongjvc
Full Member
***
Offline Offline

Posts: 27


« Reply #5 on: Friday 23 October 2009, 06:18:08 pm »

Hi, I am using EFW 2.2, I have an issue with Mailserver behind SMTP proxy, users from the Internet is required authentication when attempt to send e-mail to Mailserver, it seems EFW cannot do that, is there any one have experience with this issue.  Wink
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.078 seconds with 19 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com