 From:  "Chris Buechler" <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] SMTP and NAT
 Date:  Wed, 3 May 2006 21:09:32 -0400
On 5/3/06, Mark Wass <mark dot wass at market dash analyst dot com> wrote:
>
> I have a rule at the top of my list allowing access to port 25 on the IP
> address of my new mail server in the DMZ.
>
> Are the NAT rules executed first?
>

NAT is first.  Your NAT rule for port 25 has to point to the proper
server, and you have to have a firewall rule permitting the traffic.


> How do I make sure that the correct mail server is connected to?
>

You make it sound like you have two SMTP servers and one public IP. 
You can't open port 25 on one IP to two different internal hosts.  You
either need a second IP for the second server, or set up the first
server to accept mail for the second and relay to it for its domains.

-Chris
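
The ordering described in the reply above, as an added example that is not part of the original message and is not m0n0wall code: a simplified model in which inbound NAT is looked up by (public IP, protocol, port) and the filter then evaluates the translated destination. The class and function names and all addresses are constructed for illustration; default deny is assumed.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Packet:
    dst_ip: str
    dst_port: int
    proto: str = "tcp"

class InboundNat:
    """Port forwards keyed by (public IP, protocol, port): one target per key."""
    def __init__(self):
        self._map = {}

    def add(self, public_ip, proto, port, target_ip, target_port):
        key = (public_ip, proto, port)
        if key in self._map:  # a second internal host cannot share the same key
            raise ValueError(f"{public_ip}:{port}/{proto} already forwards to {self._map[key][0]}")
        self._map[key] = (target_ip, target_port)

    def translate(self, pkt):
        hit = self._map.get((pkt.dst_ip, pkt.proto, pkt.dst_port))
        return Packet(hit[0], hit[1], pkt.proto) if hit else pkt

def filter_verdict(rules, pkt):
    """First matching rule wins; no match means default deny (assumed)."""
    for action, proto, dst_net, dst_port in rules:
        if (proto == pkt.proto and dst_port == pkt.dst_port
                and ip_address(pkt.dst_ip) in ip_network(dst_net)):
            return action
    return "block"

def inbound(nat, rules, pkt):
    """NAT first, then the filter sees the translated destination."""
    translated = nat.translate(pkt)
    return translated, filter_verdict(rules, translated)

# Constructed sample values (documentation and RFC 1918 addresses).
WAN_IP, MAIL_NEW, MAIL_OLD = "203.0.113.5", "192.168.2.10", "192.168.1.10"

def demo():
    nat = InboundNat()
    nat.add(WAN_IP, "tcp", 25, MAIL_NEW, 25)
    try:
        nat.add(WAN_IP, "tcp", 25, MAIL_OLD, 25)  # second server, same IP and port
        conflict = False
    except ValueError:
        conflict = True
    rules = [("pass", "tcp", MAIL_NEW + "/32", 25)]  # rule for the DMZ mail server
    pkt, verdict = inbound(nat, rules, Packet(WAN_IP, 25))
    return conflict, pkt.dst_ip, verdict
```

If the NAT entry points at one server while the only pass rule names the other, the same packet falls through to the default block.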