Hi! Short:
and need to skip the BlackHELO check for "UTM IP"

isip + ispHostnames work as you describe, but

-- in case of a false positive (UTM passes the e-mail, but ASSP blocks it)
-- the sender does not receive the SMTP error "554 5.7.1 Error: Spam by ZZZ"
-- this .eml is not deleted from the queue of the UTM (in fact it is N * e-mails)
-- need to duplicate honeypot e-mail addresses on both UTM and ASSP

Full:

D.U.>> I am working on a setup and situation dictates that every server here
D.U.>> is behind a NAT firewall. The problem now of course is, that
D.U.>> connections to SMTP daemon are translated to the internal IP of the
D.U.>> firewall, therefore SPF, and a whole lot other checks fail because
D.U.>> ASSP sees them coming from the NAT firewall's internal IP.

Grayhat> which is a total nonsense :) see, "NAT != proxy" - this means that
Grayhat> publishing whatever service sitting behind a NAT just means setting up
Grayhat> a "port forwarding" rule and this, in turn, means that whatever
Grayhat> incoming connection to such a port (on the WAN interface) will be
Grayhat> forwarded to the internal box/port and seen by the latter as coming
Grayhat> from the EXTERNAL IP address not from the NAT one;

Yes

Grayhat> what you described,
Grayhat> instead, is the situation of a box sitting behind a "proxy" of some
Grayhat> kind which accepts incoming connections and proxies them to ASSP; this
Grayhat> makes me think that you're using some kind of "appliance" or "UTM"
Grayhat> which is also implementing incoming mail filtering (and maybe some
Grayhat> kind of spam filtering);

Yes

NAT firewall -- replace --} UTM/appliance with integrated mail relay with AntiSpam

i.e. Q: need to read as:

D.U.>> I am working on a setup and situation dictates that every server here
D.U.>> is behind an appliance with integrated mail relay with AntiSpam.
D.U.>> The problem now of course is, that connections to SMTP daemon are translated
D.U.>> to the internal IP of the firewall,
D.U.>> therefore SPF, and a whole lot other checks fail
D.U.>> because ASSP sees them coming from internal IP of the appliance with integrated mail relay with AntiSpam.

Grayhat> in such a case, given that such a filtering is
Grayhat> carried on by ASSP (and far BETTER than using whatever appliance),
Grayhat> my suggestion is to disable the "SMTP proxy" in your appliance and let
Grayhat> ASSP do its job (even if sitting behind the NAT/Firewall)

And my

Fritz Borgstedt> - put the front IP into isip
Fritz Borgstedt> use
Fritz Borgstedt> -Regular Expression to Identify ISP/Secondary Hostnames* (ispHostnames)

and need to skip the BlackHELO check for "UTM IP"

isip + ispHostnames work as you describe, but

-- in case of a false positive (UTM passes the e-mail, but ASSP blocks it)
-- the sender does not receive the SMTP error "554 5.7.1 Error: Spam by ZZZ"
-- this .eml is not deleted from the queue of the UTM (in fact it is N * e-mails)
-- need to duplicate honeypot e-mail addresses on both UTM and ASSP

Best regards, Victor Miasnikov
Blog: http://vvm.blog.tut.by/
