Re: SMTP & Firewall question....

Right. It is on an internal private internal network. When I am internal all
will work perfectly with the inbound ACL set. But if I take the laptop home,
it won't be able to send mail, because my home ip address isn't in the
access list...

following?


"Neteng" <neteng.ccie@xxxxxxxxx> wrote in message
news:u4yxyJfSGHA.224@xxxxxxxxxxxxxxxxxxxxxxx
Your mail server is in your private network correct? Are you trying to
send
mail when your outside your network (going through your mail server
though)?
When you are on your network and you send an email, the communication
between you and your mail server never hits the firewall so it is not
being
blocked there. If you have an ACL on the inside/trusted interface of your
firewall, you need to allow your mail server IP address out to anywhere on
TCP port 25. This allows your mail server to send emails out to the world.
Incoming should be what you had stated earlier, from 66.179.26.128 -
66.179.26.190 only, again on TCP port 25 (unless they use a different
port).



"Aaron Anderson" <aanderson@xxxxxxx> wrote in message
news:ebRFnueSGHA.4452@xxxxxxxxxxxxxxxxxxxxxxx
ignore my last post.

If i'm at home, and send an email, I will need access to port 25, on my
mailserver.

if i restrict all incoming traffic to that of mxlogic's servers, how will
the mail that I send get anywhere?

at this point, i have no outbound restrictions on the servers.




"Neteng" <neteng.ccie@xxxxxxxxx> wrote in message
news:emOUgjeSGHA.4600@xxxxxxxxxxxxxxxxxxxxxxx
Do you have two ACL's, one inbound and one outbound? Email going out
should
be going through your mail server and that is the only box that should
need
TCP 25 going out.

"Aaron Anderson" <aanderson@xxxxxxx> wrote in message
news:OGt2RRdSGHA.1572@xxxxxxxxxxxxxxxxxxxxxxx
Not easily. it's a sonicwall firewall.

Basically if I set the SMTP server to only accept incoming traffic
from
mx
logic (66.179.26.128 - 66.179.26.190) then I wouldn't be able to
send
mail
from my personal computer, because my external IP wouldn't be in the
rule...


"Neteng" <neteng.ccie@xxxxxxxxx> wrote in message
news:uqWFUzcSGHA.336@xxxxxxxxxxxxxxxxxxxxxxx
Can you post your ACL in and out?

"Aaron Anderson" <aanderson@xxxxxxx> wrote in message
news:ek6NViWSGHA.776@xxxxxxxxxxxxxxxxxxxxxxx
I'm not sure if this is in the right place. If anyone can recommend
a
better
newsgroup for networking and related info, please advise.


I have a simple question.

I host my own email server. MX records direct the mail through a
third
party
spam filtering service (mxlogic.com)

It is my understanding that I should only allow incoming
connections
to
my
server from their posted IP addresses ( 66.179.26.128/26)

If I change the ACL on my firewall, then no clients are able to
send
email...

Does this make sense? I think I'm missing a piece of the puzzle....














.

Relevant Pages

  • Re: getting/sending email when travelling
    ... or if they're on a network that has access to the web in another ... > outlook account doesn't work. ... What's the IP address or FQDN of the mail server they're trying to connect ... > I was under the impression that as long as there was a connection to ...
    (microsoft.public.outlook)
  • Re: How to SMTP (Email) Server Fedora 6?
    ... are not going to be running a mail server? ... It's not a matter of doing it by default, it is a matter of having to edit an obscure config file to do it, instead of the RedHat 'way' of enabling things. ... You probably don't need a web server on your laptop either, but where you do need it, the package comes up working on the network with the expected RH/fedora commands. ...
    (Fedora)
  • Re: relay access denied
    ... GK> has a mail server and B doesn't. ... GK> and only one machine, say MAX-B, on network B. ... But the ssh man page for -L says "Whenever a connection is made to this ... connection is made to host port hostport from the remote machine" ...
    (comp.mail.misc)
  • Re: ACL to block SPAM sources
    ... and decided to put a 3640 between the cable modem and network with some ... ACL that should match, but the router still allows it to pass. ... external to your network is it not, aka hotmail or something? ... ACL wouldn't block anything, as the mail is sent to your mail server, ...
    (comp.dcom.sys.cisco)
  • Re: Slow server response. Is it my box or is it the network.
    ... People are reporting slow outlook response. ... I am getting ready to run the Exchange Best Practices Analyzer to see if anything may be misconfigured. ... But my network guy says that the network is reporting an excessive amount of TxPause packets from our mail server and explaining our server can't handle the amount of requests coming in so its sending out requests to slow down the requests. ...
    (microsoft.public.exchange.admin)
Loading