hi
wharfratjoe wrote: > Within the outgoing firewall i added two rules: > source ip (green) 192.168.2.5 (email domain A)--> destination ip 1.2.3.4 > (external alias ip on nic - red network) port 25 traffic to allow out. > source ip (green) 192.168.2.6 -->(email domain B) --> destination ip 1.2.3.5 > (external alias ip on nic - red network ) pot 25 traffic to allow out. attention! the outgoing firewall *only* controls which source ip may have access to addresses behind the red interface (the internet or to a specific host/port pair). it does not change any source addresses (NAT). your rules do not make much sense, since they only allow 192.168.2.5 and 192.168.2.6 access 1.2.3.4 and 1.2.3.5, which are both local and don't pass the red device. what you want already will be made if you make a port forwarding. a port forward from 1.2.3.4 port 25 to 192.168.2.5 automatically adds nat rules which make appear connections from 192.168.2.5 to port 25 on any remote host, like coming from 1.2.3.4 unfortunately a port forwarding bypasses the smtp proxy. if you use the smtp proxy, every smtp traffic will be intercepted by the efw and redirected to the local smtp server, which then sends mail with the default red ip address, since it is a local server. in order to prevent foreign mailservers to reject your mails because the A record does not match the PTR record, make sure the A and PTR records of the default ip address match, if you like to use the proxy. i am aware of the problem. but since now we were not able to configure efw's postfix in a manner to allow configuring the source ip address which should be used to send mail for the specific domain. i hope we can change this in future. peter -- :: e n d i a n :: open source - open minds :: peter warasin :: http://www.endian.it :: [EMAIL PROTECTED] ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
