Re: Effective Use of Gateway (mailing.postfix.users)
>>I have set up VPN (MS Exchange protocols) for remote users to my internal
>>box. So does that mean I can't drop SMTP traffic except from the gateway
>>from outside to my internal mail server? Also would this affect
>>SMTP_AUTH for remote users?
>
> To summarize what you've told us so far. You're getting viruses and spam being
> emailed to you from your own internal mail server. You have a firewall between
> all your machines and the internet with some users accessing the network via
> vpn. The question is how are they sending to your internal mail server when you
> have only mx records for the gateway and a firewall in place?
>
> Based on that, you NEED to check:
> 1.)The firewall configuration, does it allow smtp from anywhere to anywhere or
> is it dropping any traffic not destined for the gateway (in/out)?

Thanks for your patience. My firewall does not allow SMTP from anywhere to anywhere. It only allows SMTP traffic from anywhere to my mail server.

> 2.)The internal server configuration, does it allow any smtp traffic or is it
> restricted to accepting mail from the gateway and all internal ip addresses?

any->mail gateway->smtp->accept # scan all incoming mail
mail gateway->any->smtp->accept # allow bounces or forwarding
any->mail int->smtp->accept # incoming mail
mail int->any->smtp->accept # outgoing mail

so I guess I can replace any in rule 3 with mail gateway?

any->mail gateway->smtp->accept # scan all incoming mail
mail gateway->any->smtp->accept # allow bounces or forwarding
mail gateway->mail int->smtp->accept # incoming mail from gateway
mail int->any->smtp->accept # outgoing mail

> Now you mention SMTP_AUTH, is your internal server configured to use this? If so
> then how are the viruses and spam getting to your internal server if not from
> the inside? If you answer questions 1 and 2 you will be able to find the answer
> to this question.

Sorry I wasn't clear on my original post. I have 2 internal mail servers. One allows users to VPN in; the other serves as off-site access, which allows remote users to relay mail using SMTP_AUTH.

Regards, Norman
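An added example, not part of the original post: the two rule lists from the message above run through a small evaluator, to show which rule lets outside hosts deliver straight to the internal server and what changes once rule 3 is tightened. First-match ordering, a default drop for unmatched traffic, and the names `parse_rules`, `decide` and `bypass_rules` are assumptions made for illustration.

```python
# Constructed from the two rule lists in the post. The notation is the poster's
# informal "source->destination->service->action", not a real firewall syntax.
BEFORE = """\
any->mail gateway->smtp->accept # scan all incoming mail
mail gateway->any->smtp->accept # allow bounces or forwarding
any->mail int->smtp->accept # incoming mail
mail int->any->smtp->accept # outgoing mail
"""
AFTER = BEFORE.replace(
    "any->mail int->smtp->accept # incoming mail",
    "mail gateway->mail int->smtp->accept # incoming mail from gateway")


def parse_rules(text):
    """Turn each 'src->dst->service->action # comment' line into a dict."""
    rules = []
    for line in text.splitlines():
        body = line.split("#", 1)[0].strip()
        if not body:
            continue
        src, dst, service, action = (f.strip() for f in body.split("->"))
        rules.append({"src": src, "dst": dst, "service": service, "action": action})
    return rules


def decide(rules, src, dst, service="smtp"):
    """First matching rule wins; unmatched traffic is dropped (assumed default)."""
    for r in rules:
        if (r["src"] in ("any", src) and r["dst"] in ("any", dst)
                and r["service"] == service):
            return r["action"]
    return "drop"


def bypass_rules(rules, protected="mail int", allowed_src="mail gateway"):
    """Accept rules letting a source other than the gateway reach the protected host."""
    return [r for r in rules
            if r["action"] == "accept" and r["service"] == "smtp"
            and r["dst"] in ("any", protected)
            and r["src"] not in (allowed_src, protected)]


if __name__ == "__main__":
    for name, text in (("before", BEFORE), ("after", AFTER)):
        rules = parse_rules(text)
        print(name, "| internet host -> mail int:",
              decide(rules, "internet host", "mail int"),
              "| bypass rules:", bypass_rules(rules))
```

Under the tightened list a remote SMTP_AUTH client connecting directly to `mail int` is dropped as well, so a server that accepts authenticated relay from off-site users needs its own explicit rule.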