Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 27 subscribers
  • Views 1673 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Your mail gateway has two IP. Inbound & Outbound. How would you build a business rule.

Big_Buck

Some Mail Gateway have two IP addresses.

  • Let's say 192.168.1.115/24 is inbound.
  • And 192.168.1.125/24 is Outbound.
  • Both of them in LAN zone.
  • WAN would be #Port2:2-xxx.xxx.xxx.xxx

That causes a problem with the standard SMTP business rule.

It cannot be a reflective rule.  Because you cannot put two protected servers.  Sophos write "Protected server(s)" ? but all items in the drop down list are nothing but unique IP addresses hosts.  No groups.  No network.  Niet. Nada. Nothing. 

The Outbound address could not use an SMTP business rule.  Because, what would be the Source Zone, Allowed client Network and Destination Host/network ?  It's the other way around ...

And quite honestly, the outbound IP could be using the standard MASK NAT and firewall rule.

Why do it simple when it could be complicated and limited they say I presume.

But back to the question, is it possible to put two IP addresses in Protected server(s) ???  And by the way, do SMTP(S) REALLY include SMTP as well ???  Sophos is inconsistent regarding this.

Paul Jr



This thread was automatically locked due to age.
Parents
  • 0

    Hi  

    To achieve your requirement, you required to create separate rules for inbound and outbound traffic for each IP address involved in the communication.

    For Inbound business application rule and for outbound traffic, you required to configure outbound traffic rule (Network rule).

  • 0 in reply to Keyur

    Thanks.  Much like I figured already.

    Also, any idea why Sophos write "Protected server(s)" and not "Protected server(s)" ?

    And does SMTP(s) service REALLY includes both SMTP AND SMTPs services.  I know  if you edit the service SMTP(s) you will see both 25 and 587 ports.  BUT, when creating/editing a new firewall rule, one need to include both SMTP and SMTP(s) services, otherwise, it seems things do not work as expected.  Even in Sophos's literature, we sometime see examples with only SMTP(s) in the firewall rule, but at other times, Sophos will use both SMTP and SMTP(s) services. WHy ?

    Paul Jr

Reply
  • 0 in reply to Keyur

    Thanks.  Much like I figured already.

    Also, any idea why Sophos write "Protected server(s)" and not "Protected server(s)" ?

    And does SMTP(s) service REALLY includes both SMTP AND SMTPs services.  I know  if you edit the service SMTP(s) you will see both 25 and 587 ports.  BUT, when creating/editing a new firewall rule, one need to include both SMTP and SMTP(s) services, otherwise, it seems things do not work as expected.  Even in Sophos's literature, we sometime see examples with only SMTP(s) in the firewall rule, but at other times, Sophos will use both SMTP and SMTP(s) services. WHy ?

    Paul Jr

Children