Proper NAT rules for incoming email.

Trying to figure out the correct NAT rules for incoming SMTP so the Exchange server doesn't become an open relay.

The UTM is acting as the SMTP proxy and is also the MX record for incoming email.  Email Protection settings are set up properly.

Would I even need a NAT rule?  I'd only need a SNAT rule since the Exchange server is actually sending out via a different IP.

  • Based on your description of the configuration, you do not need a NAT for inbound traffic because UTM is processing incoming mail on an IP address that it owns.

    Since you have not configured a NAT for your Exchange server, it will be transmitting on the Masquerading address.  As long as your Masquerading address is included in your SPF record, you should be fine.

    For outbound mail, I suggest having Exchange route through UTM, especially if you intend to use any of the outbound encryption technologies in UTM. (UTM can also filter for outbound malware, but hopefully you will never need that feature.)

  • You are correct.  I spaced on not needing the NAT rule because the UTM processes the incoming mail (reaffirmed this during my call to support).  I had myself a blonde moment there.

    Outbound mail does route through the UTM currently.
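The SPF condition mentioned in the first reply (the Masquerading address must be covered by the SPF record) can be checked offline with the sketch below. It is an added example, not part of the thread or of any Sophos tooling; the function name `check_sender_ip`, the sample records and the addresses are constructed. It evaluates only `ip4`, `ip6` and `all` and reports the DNS-dependent mechanisms it skipped, so a result with a non-empty skipped list is not definitive.

```python
import ipaddress

# SPF qualifier -> result name (RFC 7208)
RESULTS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
# Mechanisms that need DNS lookups; this offline check does not evaluate them.
DNS_MECHANISMS = {"a", "mx", "include", "exists", "ptr"}


def check_sender_ip(spf_record, ip):
    """Evaluate an SPF record left to right for one sending IP.

    Returns (result, skipped): the result of the first ip4/ip6/all
    mechanism that matches, and the DNS-dependent terms that came
    before it and were not evaluated.
    """
    addr = ipaddress.ip_address(ip)
    terms = spf_record.split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF version 1 record")

    skipped = []
    for term in terms[1:]:
        qualifier = "+"  # default qualifier when none is written
        if term[0] in RESULTS:
            qualifier, term = term[0], term[1:]
        name = term.partition(":")[0].partition("/")[0].lower()
        if name in ("ip4", "ip6"):
            # A bare address is treated as a /32 or /128 network.
            net = ipaddress.ip_network(term.partition(":")[2], strict=False)
            if addr.version == net.version and addr in net:
                return RESULTS[qualifier], skipped
        elif name == "all":
            return RESULTS[qualifier], skipped
        elif name in DNS_MECHANISMS or term.lower().startswith("redirect="):
            skipped.append(term)
    # No mechanism matched and there is no "all": SPF default is neutral.
    return "neutral", skipped


if __name__ == "__main__":
    # Constructed sample: 203.0.113.25 stands in for the UTM Masquerading address.
    record = "v=spf1 ip4:203.0.113.25 -all"
    for ip in ("203.0.113.25", "198.51.100.7"):
        print(ip, check_sender_ip(record, ip))
```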
