Re: Port Forwarding and 1:1 NAT dilemma with email

From: Bryan Linton (blinton_at_nospam.connellinsurance.com)
Date: 09/08/04 

Date: Wed, 8 Sep 2004 14:56:55 -0500

"Phillip Windell" <@.> wrote in message
news:O5WBMSRlEHA.3104@TK2MSFTNGP14.phx.gbl...

> That is actually a good way to do that. I would not criticize her.
> Separating "jobs" out to different public IP#s is more flexable and
> scaleable then trying do everthing with on one public IP#.
<snip>

Thanks for the reply. I actually wasn't criticizing, I honestly was not
sure why she did it that way. In my case, the 1:1 NAT is interfering with
my port-forwarding requirements, but I can see how multiple IP addresses
could give additional flexibility, now that you mention it.

> Ours is simlar to yours. It wasn't difficult,...incoming SMTP goes from
the
> Firewall to the Spam Filter first then to the Mail Server. However inbound
> POP3 goes from the Firewall directly to the Mail Server. Outbound POP3
and
> SMTP both go from the Mail Server Directly to the Firewall and do not
> involve the Spam Filter.

The dilemma I have is how to let our external users relay mail off our
server. All incoming traffic on port 25 is relayed to our spam firewall, so
any attempt to connect to our mail server on port 25 would also be directed
to the spam firewall. Do I need to set my mail server's SMTP port to an
unassigned, non-standard port number? Like, say, port 60? I would then
need to set all my outlook clients to send mail on that port, instead of
port 25, and also set my spam firewall to receive mail on port 25 and
forward good mail to the mail server on port 60. Am I forgetting anything?

Bryan

> Phillip Windell [MCP, MVP, CCNA]
> www.wandtv.com

Relevant Pages

  • Re: OT .. Road Warrior communications question
    ... The data on the Internet is sent in little packets. ... The packets addressed to port 80 ... Likewise, at the mail server receiving the packets, it knows the return ... Why would e-mail work on the web but not from your e-mail software? ...
    (alt.guitar.bass)
  • Re: Exch 2007 stopped sendin/receiving
    ... my ISP did a major overhaul of their DSL lines and in the process blocked port 25 on my IP. ... I could telnet to 25 on their SMTP server, but to nothing upstream of them. ... Can you telnet to port 25 from outside your network to your Exchange Server? ... I ran the Mail flow troubleshooter which said the root cause was no "host" record for my mail server. ...
    (microsoft.public.exchange.admin)
  • Re: E-mail problem
    ... Port 25 is the classic port for POP3 mail servers. ... It's just not being used to access the incoming mail server. ... When the ISP requires secure password authentication, rather than clear text authentication, to it's service account, it must use the new port assigned for secure password authentication. ... It is designed to be used when you are outsdide the firewall. ...
    (rec.outdoors.rv-travel)
  • Re: The FreeBSD Diary -- Is your ISP blocking port 25? Heres a Postfix solution.
    ... Here's a Postfix solution.10 February 2006 ... My ISP started blocking incoming port 25. ... This solution assumes you have a mail server at home and at least one ... Then I sent a test message from the public mail server ...
    (freebsd-questions)
  • Re: OT .. Road Warrior communications question
    ... address (your computer, the mail server, a website, etc). ... A whole bunch of packets of data are hitting ... The packets addressed to port 80 ... packets into a black hole. ...
    (alt.guitar.bass)