Topic: IP masquerading external traffic

[bas]

I want to use portforwarding on an sme-server to connect to my web-mail server.
Problem: My mail server should trust the whole world for because the external ip is forwarded.
Is it possible to nat/masquerade the external ip so the internal ip of my sme-server connects to my web-mail server?

thanks Bas

[CharlieBrady]

Problem: My mail server should trust the whole world for because the external ip is forwarded.

No, your mail server should not trust the whole world. You do not want your mail server to be an open mail relay.

[CharlieBrady]

Perhaps you should look up the "delegate mail server" feature in the Users Manual.

[bas]

Thanks for your reply, but no i don't want my mail server to be an open relay. Ill try to be clearer:

I want to use the webmail interface of my mail server. This mailserver has no direct connection to the internet, it uses a relay server which delivers/receives all mail to/from our provider (mailscan). I want to use an sme-server in "servergateway mode" with the snort contrib to forward port 443 to my internal mail-server. While testing I found out the clients ip-adress was forwarded and I have to give my mailserver a route to the clients ip via the sme server.
This is obviously not what I want to do for all possible connections.
Again my question can anyone help me to create a nat rule that masks the clients ip-adres to the internal adress of my sme-server so I only have to add one route in my mail server.

[CharlieBrady]

You don't want port forwarding or a snort contrib. You can use ProxyPass in the apache configuration to forward a URL range to the internal server.

[bas]

I've looked up proxy pass, sure looks like it is what is what I'am looking for.
I'll try to get it work,
thanks