Yayad; You're right, but what I did is I changed the port. Instead of using port 25 I used a different port (any other port not being used will work). The proxy utilizes port 25. So all the filtering and virus scanning occurs on port 25.
Yayad wrote: > > if i'm not mistaken, if you use portforward for smtp, then the antispam > would not work. > > > > nadia007 wrote: >> >> Well... I'm excited to say that my theory worked like a charm!!! >> >> By creating a portforwarding rule on EFW I was able to get my users to >> bypass the proxy and relay their messages off the mail server directly. >> The mail server will only relay messages that pass authentication, so >> even if people know the port, they still can't relay unless they are able >> to authenticate. >> >> I've tested my site on the open relay web tests and the site passes with >> flying colors... ;) >> >> Nadia >> >> >> nadia007 wrote: >>> >>> Peter; >>> >>> Thanks for the reply! At the moment we do have our users relaying >>> through their individual ISP's. Unfortunately this method isn't very >>> reliable. Most of the ISP now days only allow users that are on their >>> network to relay on their network. So when our user's are at a remote >>> location using an ISP other than their own (like at a hotel), they can't >>> use their outlook to send their mail because their personal ISP rejects >>> any relay's done outside of their network. >>> >>> I think I understand what you're saying. The SMTP proxy will capture >>> any requests coming or going from and to the mail server. This is how >>> it is able to filter out the spam/virus and relay requests. But in my >>> case if I wanted the users to be able to relay from our office, I'll >>> need something that will be able to authenticate the user and then relay >>> the mail. >>> >>> What if I changed the port that my users use for SMTP? By default SMTP >>> runs on port 25 and that is the port that the proxy uses. But what if I >>> did a port forward on EFW to listen on port 1010 (for example) and >>> forward to the mail server on port 25. On the client I would then tell >>> it to send outgoing mail to port 1010, instead of the traditional port >>> 25? In theory this would bypass the proxy on port 25 and allow the >>> users to get to the mail server to authenticate. My server wouldn't be >>> an open relay since the user has to have their username and password to >>> authenticate before it sent any mail out. >>> >>> Thanks for the infor Peter, I'll do some experimenting and inform the >>> mailinglist of my findings for anyone that is interested. >>> >>> Nadia. >>> >>> >>> >>> >>> Peter Warasin wrote: >>>> >>>> hi >>>> >>>> nadia007 wrote: >>>>> also send and receive just fine. Unfortunately my remote users that >>>>> are >>>>> using their outlook and using either using IMAP or POP3 are having a >>>>> very >>>>> difficult time sending email through the mail server. >>>> >>>>> postfix/smtpd[4496]: NOQUEUE: reject: RCPT from >>>>> unknown[208.11.90.100]: 554 >>>>> : Relay access denied; from= to= proto=SMTP helo= >>>> >>>> as far as i understood you would like to allow people to use your local >>>> efw as an smtp for remote users. >>>> >>>> efw is only designed to act as an smtp proxy, which means it intercepts >>>> outgoing connections from a client to an smtp server, and backwards, a >>>> connection from the outside to your local mailserver. >>>> >>>> what you try to do is using the firewall directly as an smtp in order >>>> to >>>> allow people to relay mails through it. >>>> this does not work, because otherwise you would have an open relay >>>> which >>>> allows spammer to send mails over it wherever they want. >>>> >>>> you solve this by letting your remote users use their providers smtp >>>> server, which has to allow relaying mails from its own local ip >>>> addresses. >>>> >>>> peter >>>> >>>> -- >>>> :: e n d i a n >>>> :: open source - open minds >>>> >>>> :: peter warasin >>>> :: http://www.endian.it :: [EMAIL PROTECTED] >>>> >>> >>> >> >> > > -- View this message in context: http://www.nabble.com/Relay-Access-Denied-tf2347990.html#a6573356 Sent from the efw-user mailing list archive at Nabble.com. ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Efw-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/efw-user
