Topic: SMTP Port 25

[eiceic]

I have a customer using SME 6.01 as their internet gateway/router.  

For some reason (I think their ISP is restricting them having an SMTP server), they are trying to configure their mail clients behind the NAT to access the ISPs SMTP server to send mail.   They are saying that the traffic is being directed to the SME box SMTP anyway - is this true?  Is there a quick way around it?

Here's a bit that their consultant sent me..  Any suggestions?  Should we just change the SME Template to have iptables remove this rule and expand the template?

Thanks,

Chris Buechler

[root@linux1 root]# iptables -t nat -L

<snip! below is only the rules for SMTP>

Chain SMTPProxy (1 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             localhost
ACCEPT     all  --  anywhere             linux1.butte.com
ACCEPT     all  --  anywhere buttepro.static.mt.net
DNAT       tcp  --  anywhere             anywhere      to:192.168.6.50:25

Notice the last one: it is routing any port 25 request through the gateway to itself. And subsequently, any attempt to connect to the proper mail server, mail.mt.net, is picked up by the SMTP service running on the Linux machine. (Disabling that service predictably results in no connection).

[cc_skavenger]

Yes, there is a SMTP proxy in place.  To turn if off, type in the following commands:

/sbin/e-smith/config setprop smtpfront-qmail Proxy disabled
/sbin/e-smith/signal-event remoteaccess-update

HTH

[MSmith]

It would be simpler to set the SME server to use the ISP's SMTP server so no client configuration is needed.  This is done in the EMail section of the server manager.  Side benefit is that sending of messages from client's point of view is very rapid, even with large attachments.

[eiceic]

I passed on both bits of info the consultant.

MSmith:

   He said "Unfortunately, that change you sent through didn't work. It shows up in the browser interface as saved, but the routing tables still show the same rule that is causing the problem."
 
cc_skavenger

   He said "WWWWWOOOOOO HHHHOOOOOOOOOO!!!!!! That did it.  Would you do me a favor now? Please reply to that person and thank them profusely, BUT THEN... ask them where that rule comes from in the first place!!!"

Thank you both for replying

[cc_skavenger]

......cc_skavenger

   He said "WWWWWOOOOOO HHHHOOOOOOOOOO!!!!!! That did it.  Would you do me a favor now? Please reply to that person and thank them profusely, BUT THEN... ask them where that rule comes from in the first place!!!"

......

The rule is in place to catch all outgoing e-mail and send it out no matter what.  This makes it easy to install an e-mail virus scanner that can check the mail going out.  It also allows users that have different e-mail domains setup to send e-mail without configuring a different smtp server in the mail client.  

Just my $0.02.