
Second mail server behind UTM

Hello,

(Domains and public IPs censored)
I've added a new mail server behind a UTM appliance.
E-mails from outside the network reach the new mail server, but when trying to send from the internal mail server, I get the error "<user@test-domain.tld>: mail for test-domain.tld loops back to myself"
 
My setup:
 
mail1.main-domain.tld (main mail server) ext IP 200.0.0.1
mail2.main-domain.tld (new test mail server) ext IP 200.0.0.2
test-domain.tld has mail2.main-domain.tld as its MX.
Inbound goes through the UTM. Outbound goes directly out.
 
The UTM is set up in profile mode.
Global settings are for all domains that are handled by mail1.main-domain.tld.
I created an SMTP profile for domains that are handled by mail2.main-domain.tld.
So:
  • Domains: test-domain.tld
  • Routing: mail2.main-domain.tld (with internal ip)
  • Everything else global settings.
  • Profile is enabled
As far as I understand it, this should be everything that's necessary. But obviously I must be missing something :D


  • Hallo Robert and a belated welcome to the UTM Community!

    Many of us here have a visual-tactile learning style.  Instead of describing your setup, please insert screen-caps of the Edits of the relevant configurations.

    Cheers- Bob

    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hello BAlfson,

    It's been a while, but I think I figured out the problem; I'm just not sure what the solution is.
    The UTM was configured with the same FQDN (Email Protection > SMTP > Advanced: Advanced Settings) as the mail server behind it.
    So when the 1st mail server tries to send a mail to the new 2nd mail server, it gets an error because the receiving mail server responds with the same FQDN. That's probably why I get the "loops back to myself" error.
    Now it makes sense why external services were able to successfully deliver mails to the 2nd server while the 1st one couldn't.
    I couldn't find a clear answer to my problem.
    Is it necessary that the UTM responds with the same FQDN as the target mail server? (Which would render it impossible to protect more than one with one UTM?)
    If the UTM can use its own unique FQDN, are there any additional steps to make it work?
    Note that the UTM is only used for inbound mail traffic. Outbound gets sent directly from the mail servers behind it without being intercepted by the UTM.
    Cheers
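As an added example (not part of this thread, and not Sophos or Postfix code), the script below models the two conditions under which a Postfix SMTP client bounces a message with "mail for <domain> loops back to myself": the preferred MX resolves to an address the sender treats as its own (inet_interfaces / proxy_interfaces), or the preferred MX answers EHLO with the sender's own myhostname, which is the FQDN clash the follow-up post describes. The DNS records, the host names and the assumption that the UTM answers on the public MX address with the FQDN from its Advanced settings are all constructed for illustration; the real configuration of this poster's network is censored and unknown.

```python
"""Model of the Postfix "loops back to myself" decision for the setup in the thread.

Constructed data only: DNS records, addresses and the UTM's EHLO reply are
stand-ins for the thread's censored zones, not real records.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

# Constructed DNS data: MX (preference, host) per domain, and A records per host.
MX_RECORDS: Dict[str, List[Tuple[int, str]]] = {
    "test-domain.tld": [(10, "mail2.main-domain.tld")],
    "main-domain.tld": [(10, "mail1.main-domain.tld")],
}
A_RECORDS: Dict[str, List[str]] = {
    "mail1.main-domain.tld": ["200.0.0.1"],
    "mail2.main-domain.tld": ["200.0.0.2"],
}

# Assumed UTM behaviour: the UTM, not the backend server, answers on the public
# MX address, greeting with the FQDN from Email Protection > SMTP > Advanced.
# Here it has (wrongly) been given mail1's FQDN, as the follow-up post describes.
EHLO_REPLIES_BAD: Dict[str, str] = {"200.0.0.2": "mail1.main-domain.tld"}
# The same UTM after giving it a name of its own (hypothetical name).
EHLO_REPLIES_FIXED: Dict[str, str] = {"200.0.0.2": "utm.main-domain.tld"}


@dataclass
class MailHost:
    """A sending MTA, in Postfix terms: myhostname, inet_interfaces, proxy_interfaces."""
    myhostname: str
    inet_interfaces: List[str]
    proxy_interfaces: List[str] = field(default_factory=list)


def resolve_mx(domain: str) -> List[Tuple[int, str, List[str]]]:
    """Return (preference, host, addresses) for the domain's MX hosts, best first."""
    return [(pref, host, A_RECORDS.get(host, []))
            for pref, host in sorted(MX_RECORDS.get(domain, []))]


def check_delivery(sender: MailHost, domain: str,
                   ehlo_replies: Dict[str, str]) -> Dict[str, Optional[str]]:
    """Decide whether `sender` would deliver mail for `domain` or bounce it as a loop.

    Check 1 (address based): the best MX resolves to one of the sender's own addresses.
    Check 2 (name based): the best MX answers EHLO with the sender's own myhostname.
    The 'reason' uses the Postfix wording so it can be matched against the log line.
    """
    mx = resolve_mx(domain)
    if not mx:
        return {"status": "defer", "reason": f"no MX record for {domain}", "detail": None}
    own_addrs = set(sender.inet_interfaces) | set(sender.proxy_interfaces)
    _, best_host, best_addrs = mx[0]
    for addr in best_addrs:
        if addr in own_addrs:
            return {"status": "bounce",
                    "reason": f"mail for {domain} loops back to myself",
                    "detail": f"{best_host} [{addr}] is one of my own addresses"}
        reply = ehlo_replies.get(addr)
        if reply is not None and reply.lower() == sender.myhostname.lower():
            return {"status": "bounce",
                    "reason": f"mail for {domain} loops back to myself",
                    "detail": f"{best_host} [{addr}] replied to EHLO with my own hostname {reply}"}
    return {"status": "deliver", "reason": None,
            "detail": f"connect to {best_host} [{best_addrs[0]}]"}


# mail1 listens on a private address and knows its public NAT address as a proxy address.
MAIL1 = MailHost("mail1.main-domain.tld", ["10.0.0.1"], ["200.0.0.1"])
# An unrelated external sender (constructed), to mirror "external services deliver fine".
EXTERNAL = MailHost("mx.example.net", ["198.51.100.5"])


def diagnose() -> Dict[str, str]:
    """Run the three cases from the thread and return their outcomes."""
    return {
        "mail1 -> test-domain.tld, UTM greets with mail1's FQDN":
            check_delivery(MAIL1, "test-domain.tld", EHLO_REPLIES_BAD)["status"],
        "external -> test-domain.tld, same misconfigured UTM":
            check_delivery(EXTERNAL, "test-domain.tld", EHLO_REPLIES_BAD)["status"],
        "mail1 -> test-domain.tld, UTM with its own FQDN":
            check_delivery(MAIL1, "test-domain.tld", EHLO_REPLIES_FIXED)["status"],
    }


if __name__ == "__main__":
    for case, outcome in diagnose().items():
        print(f"{outcome:8} {case}")
```

The three cases reproduce what the thread reports: the internal server bounces the message while an external sender, whose myhostname never matches the UTM's greeting, delivers normally, and giving the UTM a unique FQDN clears the name-based check. The address-based check stays in the model because the same log line is produced when an MX resolves to an address listed in the sender's own inet_interfaces or proxy_interfaces, which is the other thing worth verifying before changing the UTM's FQDN.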