Let me explain: we have the Protector in front of a Mail Server.
Each SMTP message that the Mail server is being delivered to the Mail Server with the IP of the Protector.
This does not allow the server to recognize the IP and leverage it's own blacklists instead of the Protector.
Customer has their own AntiSpam and they don't want to use the Protector for this.
But it cannot be done if the mail server does see the originating IP.
Look:
Current log with 10.0.1.8 as Protector local address on the subnet of the Mail Server:
[0EE0:0030-0358] 02/10/2017 16:43:19 SMTP Server: mail.xxx.xxx(10.0.1.8) connected
[0EE0:0030-0C18] 02/10/2017 16:43:19 SMTP Server: Message xxxx(MessageID: WfQ@xxx.xxx.com>) received
[0E90:0020-0908] 02/10/2017 16:43:19 Router: Agent printing: SJ-EXEMPTED! xxxx@xxxx.com, ID: stero/it
[0EE0:0030-0C18] 02/10/2017 16:43:19 SMTP Server: mail.xxxx.xxxx(10.0.1.8) disconnected. 1 message[s] received
[0EE0:0030-20D0] 02/10/2017 16:43:30 SMTP Server: mail.xxxx.xxxx(10.0.1.8) connected
[0E90:0017-0C8C] 02/10/2017 16:43:37 Router: Agent printing: SJ-EXEMPTED! xxxx@xxxx.com, ID:
With other customer where we have a front firewall in a similar configuration this happens:
02/10/2017 16.18.38 SMTP Server: Message xxxx (MessageID: <xxxx@xxxx.xxxx.xxxx>) received
02/10/2017 16.18.38 SMTP Server: xxxx.xxxx.xxxx(xxxxx) disconnected. 1 message[s] received
02/10/2017 16.18.53 SMTP Server: Remote host xxxx() found in blacklist at sbl-xbl.spamhaus.org
02/10/2017 16.18.53 SMTP Server: xxxxconnected
02/1
Reply:
In this case it means that not to use Protector as mail proxy and leave the mail pass untouched through it and reach the destination IP address instead.
So, since the MX records of all the domains already point to the public IP xxxx, which is the same IP address as the Protector, it should be enough to turn off the mail proxy in the Protector and route port 25 to the correct destination IP in the LAN
Most customers use the Protector as the spam & anti virus scanning so they remove the load from their mail server and also protect the mail server from compromise.
Comments
0 comments
Please sign in to leave a comment.