Re: [SLE] Re: Stopping open mail relay in SuSE standard server.

From: James Knott (james.knott_at_rogers.com)
Date: 07/26/04

  • Next message: Ken Schneider: "Re: [SLE] moving hard disks" 
    Date: Mon, 26 Jul 2004 08:58:31 -0400
To: suse-linux-e@suse.com

    Carlos E. R. wrote:
    > The Sunday 2004-07-25 at 21:26 -0400, James Knott wrote:
    >
    >
    >>>More information is needed. What interfaces do you have? Is indeed
    >>>external mail coming in on that interface?
    >>>
    >>
    >>Does it consider the address that it comes in on?
    >
    >
    > Yes, due to the "mynetworks" setting.
    >
    >
    >>Or the source address?
    >
    >
    > Also.
    >
    >
    >>There is only one interface in use, connected to the firewall, via local
    >>network. Beyond the firewall is an ADSL connection.
    >
    >
    > And in another message you mention that:
    >
    >
    >>That I can't say. The firewall is a separate box, made by Symantec,
    >>which I have no control over, other than asking for ports to be
    >>forwarded. I guess I'll have to see what's actually in the packets and
    >>enquire about the firewall being a proxy.
    >

    I haven't yet confirmed that there is a proxy, but considering what I've
    gone through, that's the only thing that makes sense.

    >
    > That's what I thought. Postfix is seeing the email coming on an internal
    > interface, and it is configured to trust everything coming on that
    > interface. You could remove the 192.168.1.0 interface from the "mynetwork"
    > setting, but then, of course, all your intranet would be untrusted -
    > perhaps not a bad thing in your case, I think you said something about a
    > Exchange server behind.

    No, there's no Exchange server. Currently, they're getting their mail
    via an external company and they're not happy with the performance.

    >
    > Or you could give it another ip, perhaps a "real" one.
    >

    I was wondering what the solution would be, if the problem were caused
    by a proxy and it couldn't be turned off. One possibility, would be
    another IP. Are there other ways of dealing with a proxy?

    tnx 

    -- 
Check the headers for your unsubscription address
For additional commands send e-mail to suse-linux-e-help@suse.com
Also check the archives at http://lists.suse.com
Please read the FAQs: suse-linux-e-faq@suse.com
  • Next message: Ken Schneider: "Re: [SLE] moving hard disks"

    Relevant Pages

    • Re: Should proxy have one interface or two
      ... Dual firewall will help you grant access to public resource/client and limit ... Vérificateur interne en sécurité de l'information ... A Proxy is a device that takes a connexion, filters it and sends it to the ... That's why you have 2 interface, to prevent the bypassing of the proxy, to ...
      (Security-Basics)
    • Re: Checkpoint Front End server - ISA Back End server - OWA Setup
      ... What version of FW-1? ... the traffic between ISA's internal interface and the Exchange server. ... Exchange server in plain HTTP format, ... I am not a firewall expert, but our firewall guy tells me this is a risk, ...
      (microsoft.public.isa)
    • Port Forwarding to firewalled box
      ... The firewall, however, has a proxy server listening on the inside interface, ...
      (comp.security.ssh)
    • Re: I cannot see my exchage web server
      ... Do you have a "normal" exchange server or a Small Business server? ... Henning Krause ... and i just added a new policy, i dont have a proxy, but i have a firewall ...
      (microsoft.public.exchange.applications)
    • Re: ftp problem
      ... > here is my whole firewall script ... > # No restrictions on Loopback Interface ... > # or from this gateway server destine for the public Internet. ... > # Allow out secure FTP, Telnet, and SCP ...
      (freebsd-questions)