Koozali.org: home of the SME Server
Legacy Forums => Experienced User Forum => Topic started by: Eric Belhomme on July 17, 2002, 06:19:49 PM
-
hi,
I just installed a SME5.5 box in my office on a DMZ network with a public IP address, to act as a mail server.
I added a local network in server-manager to declare my LAN range.
Now I can send emails to everybody declared on the SME box, but if I send an email to anybody on the Internet, I get this message: '553 Sorry, that domain isn't in my list of allowed rcpthosts.'
What's wrong in my config?
thanks
Eric Belhomme
-
I tried to open the firewall between the DMZ and the Internet: emails are sent! But if I close the firewall and just open the SMTP port and the DNS query port, it doesn't work and sends me the error message I mentioned in my previous post!
I don't know why...
Eric Belhomme
-
I found this http://www.palomine.net/qmail/selectiverelay.html
So I followed the directives in it and I found /etc/tcprules/tcp.smtp, which seems OK.
So I wonder, qmail is correctly configured to relay my LAN... so why did I get this fu****g message???
-
I resolved it!!!
My network looks like this:
             INTERNET
                 |
       FIREWALL (public IP)
                 |
        +--------+-------+
        |                |
  SME5.5 (DMZ)          LAN
   public IP       private IP/16
My firewall was configured to MASQUERADE all outgoing traffic from the LAN, so the SME server received SMTP connections with the source IP of the firewall!
I modified my iptables rules to masquerade only if the destination is NOT my DMZ, and now relaying works well :)
Anyway, I'm in doubt: /etc/tcprules/tcp.smtp explicitly allows relaying from the firewall IP (which is the unique gateway address for the server), so even with MASQUERADE it should be relayed, shouldn't it?
Eric Belhomme
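-
Added example, not part of the original thread: a simplified Python model of how tcpserver rules in the tcp.smtp format and qmail-smtpd decide on relaying, showing why the source address the server sees after MASQUERADE matters. The rules, addresses and domains are constructed for illustration and are not taken from the poster's server; only full-IP, dotted-prefix and default rules are modelled.

```python
# Simplified model of tcprules lookup plus qmail-smtpd's relay decision.
# All rules, addresses and domains below are constructed sample data.
TCP_SMTP = '''\
127.:allow,RELAYCLIENT=""
192.168.:allow,RELAYCLIENT=""
:allow
'''
RCPTHOSTS = {"example.org"}      # domains the server accepts mail for
FIREWALL_IP = "203.0.113.1"      # source seen by the DMZ server after MASQUERADE

def parse_rules(text):
    """Map each address pattern to its env dict (None means deny)."""
    rules = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        addr, _, action = line.partition(":")
        verb, *assigns = action.split(",")
        if verb == "deny":
            rules[addr] = None
            continue
        env = {}
        for item in assigns:
            name, _, value = item.partition("=")
            env[name] = value.strip('"')
        rules[addr] = env
    return rules

def lookup(rules, ip):
    """Most specific rule wins: full IP, then dotted prefixes, then default."""
    parts = ip.split(".")
    candidates = [ip] + [".".join(parts[:n]) + "." for n in (3, 2, 1)] + [""]
    for key in candidates:
        if key in rules:
            return rules[key]
    return {}                    # no rule at all: allowed, no variables set

def smtp_rcpt(rules, source_ip, rcpt_domain):
    """Reply to RCPT TO for a client connecting from source_ip."""
    env = lookup(rules, source_ip)
    if env is None:
        return "connection denied"
    # RELAYCLIENT set for this source address bypasses the rcpthosts check.
    if "RELAYCLIENT" in env or rcpt_domain in RCPTHOSTS:
        return "250 ok"
    return "553 sorry, that domain isn't in my list of allowed rcpthosts"
```

In this model, a relay rule for the firewall's own address grants relaying to every host whose traffic is masqueraded behind it, so the allow list can no longer tell individual LAN clients apart.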