[ previous ] [ next ] [ threads ]
 
 From:  Ugo Bellavance <ugob at camo dash route dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: Mail filtering gateway in DMZ config problem
 Date:  Mon, 18 Apr 2005 10:52:23 -0400 
Adrian Basescu wrote:
> Hello,
> 
> For the filtering mail problem, I don't understand why the destination
> mail server sends the mail back, unless it is rejected for a reason. I
> am using a similar setup with no problem.

It is very weird, I get logs like this:

Apr 17 16:24:20 mta1 sendmail[17272]: j3HKNtGe017243: 
to=<my at extenal dot com>, delay=00:00:24, xdelay=00:00:01, mailer=e
smtp, pri=121506, relay=mail.external.com. [x.x.x.x], dsn=2.0.0, 
stat=Sent ( <54C38A0B814C8E438EF73FC76F36292753
B722 at server dot internal dot com> Queued mail for delivery).

If, from the mail filter, I do a
'telnet mx1.mail.yahoo.com 25', it it my internal server that responds.

It looks like the firewall picks up everything on the DMZ interface that 
  is going to port 25 and forwards it to my internal server.  Isn't it 
supposed to only forward what is addressed directly to the DMZ interface 
IP?


> 
>  I can suggest a setup that I have tried,  a mail server that supports
> filtering, like postfix mail server with amavisd-new for spam and
> antivirus filtering. This works on Linux and any xxxBSD version.

Thanks for the suggestion, I'm using MailScanner already, with sendmail.

> 
> Regards,