I am setting up a Linux box as a gateway and firewall for my companies LAN. The box also runs postfix as an outgoing SMTP server. Sometimes, people come and join the network with their laptops which are configured to use a different mail server. This is problematic since those mail servers will not accept connections from us (as they only allow their own customers to use their mail server). I would like to set up my firewall that no matter what mail server they try use, it always uses my one. I know this is possible, as I have seen it in action, the question is how..
2007-08-02 04:42:47 · 3 answers · asked by mike3452 2 in Computers & Internet ➔ Computer Networking
Just to explain further, as I notice from the answer I have received that perhaps my question wasn't understood. I do not want to force the users to change their configuration to use my server. Rather, I want to to allow them to keep the configuration they currently have, but while the client thinks they are connection to some other mail server, they are really using mine. I suppose this requires some sort of "NAT"-like behavior in which my gateway will pretend to the client that it is the remote server. As I said, I know this can be done as I have seen it in action. I just don't know *how* to do it.
2007-08-02 19:47:40 · update #1
Actually I think what you are looking for is an SMTP proxy for your visitors.
This may help
http://www.unixcities.com/pop3-and-smtp-proxy/index.html
There are some routers with this built in to them designed for "hot spots" which intercept the outbound mail and then send mail as a particular username password from your local system.
If haven't tried it in postfix, but I believe you can set it to accept all LOCAL addresses using iptables and forward those regaurdless of username/password. You only want LOCAL addresses to be relayed but not any internet addresses.
2007-08-07 01:22:30 · answer #1 · answered by Tracy L 7 · 0⤊ 0⤋
It sounds like you want to redirect all outbound port 25 connections to your mail server.
So if they try to connect to bigmailprovider:25 your firewall will transparently redirect them to yourmailbox:25.
You need to read up on the iptables/ipchains whatever firewalling software you are using to set up a rule that will basically say "all outbound TCP port 25 connections REDIRECT to ourmailbox port 25".
This will do the redirecting. Now whether or not postfix is cool with random connections attempting to auth them with passwords you won't know is another.
2007-08-08 15:14:10 · answer #2 · answered by B.F.Skinner Has Eaten My Dinner 3 · 0⤊ 0⤋
you can't force them to use yours, if they have an outbound SMTP server st such as smtp.myserver.com thats what their client will try to use. It will resolve that host name and try to connect to that IP on port 25. You can however block them from using anything but yours. you can do that with a firewall or router filters on some routers by only allowing your mail server to send on port 25 so they have to send to your server. which means they need to change their outbound server in their client.
2007-08-02 05:12:30 · answer #3 · answered by Z 6 · 0⤊ 0⤋