Transparently Proxy all outbound SMTP Traffic

In some cases you may want to make sure that all outgoing mail is sent through a particular gateway on your network, even client requests to external SMTP servers. You may want to make sure all outgoing mail is filtered for viruses and spam. In other cases you may want to reduce the need for users to continually change their outgoing SMTP server addresses as they move from home to the office with laptops.
Thankfully it's relatively straightforward in firehol. A simple rule like the one below is all you need:

    transparent_proxy 25 25 postfix inface eth0 src "192.168.1.0/24"

Basically it means that all traffic coming in on interface eth0, from the local subnet 192.168.1.0, destined for port 25, EXCEPT for any local postfix SMTP traffic (or you'd have an infinite loop), will be redirected through port 25 on the firewall server.

Similarly for Sendmail (the user is root, because Sendmail runs as root):

    transparent_proxy 25 25 root inface eth0 src "192.168.1.0/24"

or, if your internal SMTP server forwards mail via the firewall and you want to ensure the firewall doesn't try to proxy mail from this server:

    transparent_proxy 25 25 root inface eth0 src not "192.168.1.11"
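
To confirm that the rule took effect and that the loop guard described above is in place, the following added example (not part of the original page or of firehol) audits an `iptables-save -t nat` dump for a REDIRECT of TCP port 25 and for an exemption of the MTA's user. It assumes the exemption appears as an iptables owner match (`! --uid-owner`); the function name `check_smtp_proxy`, the uid 105 and the sample dumps are constructed for illustration, and a real FireHOL ruleset uses its own chain names.

```shell
#!/bin/sh
# Added example: audit an `iptables-save -t nat` dump read from stdin.
# Usage on the firewall: iptables-save -t nat | check_smtp_proxy "$(id -u postfix)"
# Returns 0 = tcp/25 is redirected and the MTA uid is exempted,
#         1 = no redirect of tcp/25 to local port 25 found,
#         2 = redirect present but no owner exemption (mail loop risk).
check_smtp_proxy() {
    mta_uid="$1"   # numeric uid: iptables-save prints owner matches numerically
    awk -v uid="$mta_uid" '
        # Only rule lines ("-A CHAIN ...") matching tcp destination port 25.
        /^-A / && / -p tcp / && / --dport 25( |$)/ {
            if ($0 ~ / -j REDIRECT --to-ports 25( |$)/) redirect = 1
            # Assumed shape of the loop guard: "everyone except this uid".
            if ($0 ~ ("! --uid-owner " uid "( |$)")) exempt = 1
        }
        END {
            if (!redirect) exit 1
            if (!exempt)   exit 2
            exit 0
        }'
}

# Constructed, simplified dump: LAN clients and local processes are
# redirected, except processes owned by uid 105 (hypothetical postfix uid).
sample_good() { cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -s 192.168.1.0/24 -i eth0 -p tcp -m tcp --dport 25 -j REDIRECT --to-ports 25
-A OUTPUT -p tcp -m tcp --dport 25 -m owner ! --uid-owner 105 -j REDIRECT --to-ports 25
COMMIT
EOF
}

# Constructed dump with the exemption missing: the MTA's own outbound
# deliveries would be redirected back to itself.
sample_no_exempt() { cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -s 192.168.1.0/24 -i eth0 -p tcp -m tcp --dport 25 -j REDIRECT --to-ports 25
-A OUTPUT -p tcp -m tcp --dport 25 -j REDIRECT --to-ports 25
COMMIT
EOF
}
```

Rules written with a multiport match (`--dports`) are not recognised by this check and would need an extra pattern.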