Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 1 subscriber
  • Views 5510 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SMTP Relay on differnt address

mrshahin
Hi,

If the WAN has 3 public IP address and we add some devices to the 
SMTP-Relaying-Host-base-relay to allow these device send mail through the UTM, which of the public address is being used? does only the Primary address is beeing used?

if the primary address is being used like when internal mail server send mail to outside, can we use differnent IP for the devices I mentioned above?

I dont think the SNAT would work in this case becuse we want to use the SMTP proxy for the AV and spam filteing

Thanks


This thread was automatically locked due to age.
Parents
  • 0
    SNAT is not DNAT. SNAT rewrites the source address, DNAT rewrites the destination address.

    So you want something like:
    Packets coming from External WAN (= the UTM SMTP proxy) with service SMTP going to Anywhere: change the source address to External (WAN) (Addtitional address 1).

    Got it?

    ----------
    Sophos user, admin and reseller.
    Private Setup:

    • XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)
    • UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
Reply
  • 0
    SNAT is not DNAT. SNAT rewrites the source address, DNAT rewrites the destination address.

    So you want something like:
    Packets coming from External WAN (= the UTM SMTP proxy) with service SMTP going to Anywhere: change the source address to External (WAN) (Addtitional address 1).

    Got it?

    ----------
    Sophos user, admin and reseller.
    Private Setup:

    • XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)
    • UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
Children
  • 0 in reply to scorpionking
    I did create a SNAT

    From:WAN(=Primary address of UTM)-Service (=SMTP)- TO(=Any or should this be the mailserver?) change source(=my WAN additonal address)

    Then  I can use this SNAT for my devices outside the domain to relay mail through our exchange and also we can use SMTP porxy for out going/ in coming mail to the domain.

    Thanks
Unfiltered HTML