> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > Ren� Berber > Sent: 03 February 2005 21:20 > To: [email protected] > Subject: [Clamav-users] Re: ClamSMTP in Transparent Proxy Mode > > Mason, Chris, VF UK - Technology (TS) wrote: > > > Hi, > > Hello. > > > I am trying to setup ClamSMTP in Transparent Proxy mode, > but running > > into a problem. > > This is off-topic... but interesting.
Sorry, I thought this list was regarding clamsmtp as well. > > > I have got a Client setup to use machine X as my SMTP Proxy > which gets > > sent through a NetScreen 5 FW which does a destination NAT > to change > > the IP to Y.Y.Y.Y:10025 (my ClamSMTP machine). > > The traffic description seems wrong. > > Usually a transparent proxy works on incomming mail, but you > are describing outgoing mail, is this correct? We have a problem at the moment where users are sending out email to mail servers direct on port 25, but we are being added to blacklists (mostly CBL) as a lot of this email is generated from SMTP based email worms. I am assuming by putting this is the way of incoming email then it would be easy to deliver the message as it just looks up the MX of the domain which should be within the current network. As I am using it in the way of outgoing email it will not be able to lookup the proxy which the user was trying to send email through - is this assumption correct based on the idea that a user configures an SMTP proxy to send email through? > > > In mail.log I have the following: > > > > Feb 3 16:14:07 snoopy clamsmtpd: 100000: accepted connection from: > > 192.168.0.2 > > Feb 3 16:14:07 snoopy clamsmtpd: 100000: couldn't get > source address > > for transparent proxying: Protocol not available > > This is your problem, clamsmtpd is not receiving enough > information to set itself as *fully* transparent proxy (i.e. > changing the source address in TCP packets to make them > appear as if comming from the original source), so clamsmtpd > can only work as *semi* transparent proxy. Not quite sure what you are saying here. I was thinking I might of missed something out of the Linux kernel as it was complaining about Protocol not available? > [snip] > > Combining the ClamSMTP proxy and SMTP proxy into one is not > really an > > option for what I am trying to do. > > By combining you mean "on one machine"? It works the same > with one or two machines, except that you seem to want a DMZ > (with clamsmtpd in it and mail server or servers in the > protected zone). Yeh, the mail server and the transparent proxy machine would be sitting within a DMZ in the same subnet. > > > Any ideas? > > It's not clear if you followed the instructions on clamsmptp's site. > The full transparent proxy has only been tested with > Linux/FreeBSD machines doing the firewalling. It may work > with the NetScreen if it has the ip forwarding functionality; > I don't know the NetScreen. > When a packet comes into the NetScreen it is basically changing the destination address x.x.x.x and the port. I cannot really get my head around if it should be changing the destination address or keeping the same destination but just routing it via the SMTP Proxy box? > You better ask in clamsmtp's list: > > http://sourceforge.net/mailarchive/forum.php?forum=clamsmtp-users > Will have a read through.. Thanks for your help Chris > Regards. > -- > Ren� Berber > _______________________________________________ > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > > _______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
