Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 8 replies
  • Answers 2 answers
  • Subscribers 3 subscribers
  • Views 3356 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SMTP Proxy listen on sub interface only?

Louis-M

We're looking at limiting the smtp proxy listening on all interfaces. Now I can see that it can be limited to x interface/s but can it be limited to a sub interface ie an additonal IP

eg. eth0 = WAN 2.2.2.2/27 with addtional IP's of 2.2.2.3, 2.2.2.4 etc

Can it be limited to above example 2.2.2.4 or will it just simply listen on all IP's on that /27 subnet?



This thread was automatically locked due to age.
Parents
  • 0

    Hi Louis,

    Two NAT rules, in order:

    NONAT : Internet -> {25, 465, 587} -> {2.2.2.4}
    DNAT : Internet -> {25, 465, 587} -> External (Network) : to {240.0.0.1}

    That blackholes all SMTP traffic to the other IPs.  Is that what you were looking for?

    Cheers - Bob

  • 0 in reply to BAlfson

    Not quite sure there Bob.

    This is for the SMTP proxy on the UTM which by default, listens on ALL interfaces. We have a WAN with a /27 so the WAN has one IP with the other IP's as additional IP's.

    Going into the SMTP proxy on the UTM, we can select a unique interface but it only allows the primary interface IP or other interfaces eg vlans.

    It doesn't allow you to select the additional IP's on the primary interface.

  • 0 in reply to Louis-M

    Online Help:

    Listen Interfaces

    By default, the SMTP proxy listens on all interfaces on ports 25, 465, and 587 for incoming email traffic.

    To listen only on particular interfaces, select the option Custom Interfaces and add interfaces to the Allowed Interfaces box. Click Apply.

     

    Seems like it is only the WAN Interface object. So you should be able to add the Alias Interface there,. 

Reply
  • 0 in reply to Louis-M

    Online Help:

    Listen Interfaces

    By default, the SMTP proxy listens on all interfaces on ports 25, 465, and 587 for incoming email traffic.

    To listen only on particular interfaces, select the option Custom Interfaces and add interfaces to the Allowed Interfaces box. Click Apply.

     

    Seems like it is only the WAN Interface object. So you should be able to add the Alias Interface there,. 

Children