Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 1 subscriber
  • Views 3744 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

email protection on incoming port other then 25

tekpoint
Hello Everyone,

Due to ISP restrictions on incoming port 25, in order to recieve mails i am forced to use an external mail forwarding service (such as no-ip mail reflector).

The Dnat rule i have setup is:

Traffic selector: Any → Service: port 25000 → External WAN Network
Destination translation: EXCHANGE SERVER  → Service: port 25

Now this rule works, since the mails are all coming in

The problem is that the Mail Protection does not detect or process any incoming mails. 

The basic config i have done on Mail Protection up to now is:

Email Protection -> SMTP -> Relaying -> Upstream hosts/networks -> the 2 servers used by the alternative forwarding service. 
Email Protection -> Routing -> Domains (my email FQDN)
Email Protection -> Routing -> Hosts Lists (my exchange server)

What did I miss? 

Eddy


This thread was automatically locked due to age.
Parents
  • 0
    Cool!  Thanks for doing the work!  In the past, I had experimented with leaving the 'Destination translation' field empty, but I think I remember that that didn't work.

    Today was the first time I thought to try putting the interface "(Address)" object into that field.  I realized that that might be the trick because I remembered that to make a firewall rule apply to traffic in the INPUT chain, you use an "(Address)" object.  This also is related to #4 in https://community.sophos.com/products/unified-threat-management/astaroorg/f/51/t/22065.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    Cool!  Thanks for doing the work!  In the past, I had experimented with leaving the 'Destination translation' field empty, but I think I remember that that didn't work.

    Today was the first time I thought to try putting the interface "(Address)" object into that field.  I realized that that might be the trick because I remembered that to make a firewall rule apply to traffic in the INPUT chain, you use an "(Address)" object.  This also is related to #4 in https://community.sophos.com/products/unified-threat-management/astaroorg/f/51/t/22065.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Unfiltered HTML