Hi everyone, this is a good one....
One of my customer sites has an Aramiska Satellite system for their internet feed (In the process of moving to ADSL, but emails still delivered through satellite)
I recently replaced their god-awful Windows Based mail server with a modified SME 6.0-01 build that I've used Dozens of times.
Now, Some background information.
1. Aramiska will not allow Port 25 to be forwarded to the internal LAN, for whatever reason. Instead they set up the system so that port 25 traffic gets recieved by an smtp server in the satellite equipment, then forwarded onto your specified internal server.
2. At the time of installing the SME it was in server-only mode, as the Firewall and Gateway functions were being provided by Aramiska.
Some of you can probably already guess where I'm going with this.
When the Aramiska box forwarded the email to the SME (From a LAN address) the SME box assumed that it was originating from inside, and merrily forwarded it on without checking the MAIL FROM line in the SMTP feed.
Ooops.
Unfortunately someone must have portscanned aramiska and discovered the open relay, the first thing I knew about it was when they were complaining that the email and Internet were running incredibly slow... I couldn't believe my eyes when I Checked the logs and found 65,000 emails sat in the Outgoing queue.
I Immediately clicked as to what was happening, and disconnected the Satellite.
I have got araound the problem now as ADSL has been installed, and I'm using the SME box in Server-Gateway mode. The ADSL is coming through a 4 port router so I changed the Aramiska's LAN IP to one of the IP's between the SME and the Router, and now forward the email to the External interface of the SME.
My question is this.... How the heck do you stop SME from indiscriminately forwarding SMTP traffic recieved from the internal LAN?
I only want email
TO the domain accepted from outside (Already set up using Mail-Blocking Panel) and either
TO or
FROM on from the inside..
This would be handy on other sites as it would help to lock down unauthorised SMTP traffic.
Any Ideas?
0 Replies
820 Views