Spam wrote:
I had tried something like this, the problem comes when your users try to do authenticated smtp with another mail server which would obviously fail to login to your ISP's smtp server.
"Forced to use an external relay server" and "authenticated smtp with
another mail server" seem mutually exclusive to me anyhow.
There are other tricks though. I assume your users are local on the mailThe firewall and the courier box is the same. I also have users from
server, otherwise the "-s" above takes care of the problem already and
it should just work.
outside too. But the iptables "-s <your-mailserver-ipv4> --dport 25"
should work anyway, should it not, as the clients do not have the
same source IP as the server?
If I understand you correctly, a tipical soho setup. A linux box that does firewalling, masquerading (or SNAT if you want) and runs the mail server. Very much like my setup[1]. In that case, yes, it should work. Ah no......
Thinking a bit more about it, the SNAT for the clients is done in PREROUTING. So all clients will match the -s <my-external-ip> in POSTROUTING. I think to make it work, you need the fwmark or connmark. Make sure you set the mark in OUTPUT (matching the mailserver) and not in FORWARD (matching the clients). Then, in POSTROUTING, DNAT on the mark, not on the source, which is your external IP for every connection by this time.
Cheers, and sorry for leading you astray,
M4
[1] My setup is similar, although it delivers mail over NFS. The IMAP server runs on another machine. The advantages of maildir....
------------------------------------------------------- This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting Tool for open source databases. Create drag-&-drop reports. Save time by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc. Download a FREE copy at http://www.intelliview.com/go/osdn_nl _______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
