# smtp routing



## jtg2 (Feb 20, 2006)

Hello,

I have a domain with 10 xp clients, 1 w2k domain controller, and 1 email server running w2k and an open source email server. I would like to know...how to route all smtp traffic to my email server where it can be validated and then sent on its way....or rejected and killed at the email server. what i'm concerned about is getting a virus that turns my work stations into virus sending zombies...my routers are all linksys consumer gateways/routers.


thanks in advance...


----------



## aprior (Jan 10, 2006)

jtg2 said:


> Hello,
> 
> I have a domain with 10 xp clients, 1 w2k domain controller, and 1 email server running w2k and an open source email server. I would like to know...how to route all smtp traffic to my email server where it can be validated and then sent on its way....or rejected and killed at the email server. what i'm concerned about is getting a virus that turns my work stations into virus sending zombies...my routers are all linksys consumer gateways/routers.
> 
> ...


First off, viruses and other malware that send mail from infected computers don't always use port 25 to send mail.

The simplest solution is just have all outbound SMTP traffic blocked unless it comes from your email server.
What model Linksys are you using as a gateway to the Internet?


----------



## jtg2 (Feb 20, 2006)

alright, our isp (bellsouth) requires that we use a netopia 3347 modem/router as our gateway. because we have a block of 13 static ip's...they are not traditional static ip's, what they use is a wan dynamic redirect. then i have 1 linksys BEFSR81 as the lan gateway (i also have another acting as a switch to extend the capacity for the additional 2 clients and printers), and a BEFSX41 for the email server (it is assigned a public wan ip and a private lan ip) with port forwarding for 21,25,80,143 to the email/web server. (i have intentionally put the email/web server outside of our lan.)

the clients configured with outlook currently send mail via mail.mydomain.com, which resolves to the public ip of the befsx41 router.


----------



## aprior (Jan 10, 2006)

Ok, I see. Depending on how this is set up, my idea may or may not work.
Is the BEFSX41 that has the email server on its LAN plugged into the LAN ports on the BEFSR81 or just connected to the Netopia modem/router?

If connected right to the Netopia router, then you can just set up the filter on the Netopia router to block SMTP traffic from any IP except the IP of the WAN interface of the BEFSX41 (the one with the email server).

Otherwise... some other software or a different configuration may be required.


----------



## jtg2 (Feb 20, 2006)

yeah see....that's the problem i'm having too....if i configure the netopia to filter outgoing smtp (i.e. port 25) traffic except from the email server...i think that it will block the outgoing smtp traffic from the clients (it would really be incoming...but because it's coming from behind the netopia i believe that it would consider it outgoing, or worse yet... it may loop). 

Although, i am running ASSP on the email server to filter spam...and it can be configured to listen on multiple ports (say 25, and 225), presumably to proxy around isp's that filter outgoing smtp (port 25) traffic.

I'd love to throw an ISA server or pix router into the mix...but the client (in this case my family's title company) is resource restrictive (cheap!!!).

If it were any other client, i would send them a quote, explaining in detail what was required and placing the onus on them...however if i were to do that in this case....i would jeopardise my place at the thanksgiving day dinner adult table (just having graduated from the kids table last year).

any thoughts?


----------



## jtg2 (Feb 20, 2006)

I was really wondering if i could do a Lmhosts file edit to redirect smtp traffic to the public ip of the email server or some such...


----------



## jtg2 (Feb 20, 2006)

i finally blocked all smtp port 25 traffic on the BEFSR81, and configured the clients' outlook to use port 225 to smtp to the proxy...but i still would've liked to be able to get the clients lmhosts or the netopia to forward all smtp traffic to the mailserver ip.

and bellsouth was not at all helpful in advising me how to do this on the netopia, and netopia was not enthusiastic about helping either because we had a bellsouth brokered modem...they said that they would try and help me for $69.00 (i asked the rep if he knew how to do what it was that i was asking of him, and his response was that he couldn't search his database to assist me until he had a service order number...)


----------



## aprior (Jan 10, 2006)

Ya, what you did might be okay except for malware that uses the Outlook (express) settings to send their messages. It would have been best to filter the traffic on the Netopia device, but since you can't administrate it, I guess you don't have many options.

The LMHOSTS file doesn't allow you to specify ports, it's merely a name to IP map.
The Netopia device may have some way of forwarding any SMTP traffic that tries to go out to the Internet to the email server, but I'm not sure.
Any traffic that specifies the public IP on the email server's router won't pass through the router portion of the Netopia device, therefore it won't be affected by any filtering you apply on that device.

What you did might be fine, setting forwarding of all SMTP traffic to the email server would just be redundant.... how can traffic be forwarded if it's blocked?


----------
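An added example, not part of the thread or any poster's code: a Python check of LAN-router logs against the setup the thread ends with (port 25 blocked for workstations, Outlook submitting to the proxy on port 225). It flags workstations that still try port 25 directly, and workstations submitting unusually often on 225, which covers the caveat about malware that reuses the Outlook settings. The log format, IP addresses and threshold are constructed assumptions.

```python
import re
from collections import Counter

# Assumptions (constructed, not from the thread): addresses, log format, threshold.
MAIL_SERVER_IP = "203.0.113.10"  # public IP forwarded to the mail server
SMTP_PORT = 25                   # blocked for workstations on the LAN router
SUBMIT_PORT = 225                # alternate port the mail proxy listens on
SUBMIT_THRESHOLD = 3             # submissions per log window treated as unusual

LINE_RE = re.compile(
    r"SRC=(?P<src>\S+) DST=(?P<dst>\S+) DPT=(?P<dpt>\d+) ACTION=(?P<action>\w+)"
)

# Constructed sample log lines from the LAN-side router.
SAMPLE_LOG = """\
2006-02-20T09:00:01 SRC=192.168.1.11 DST=203.0.113.10 DPT=225 ACTION=ACCEPT
2006-02-20T09:00:05 SRC=192.168.1.12 DST=198.51.100.7 DPT=25 ACTION=DROP
2006-02-20T09:00:06 SRC=192.168.1.12 DST=198.51.100.8 DPT=25 ACTION=DROP
2006-02-20T09:00:07 SRC=192.168.1.12 DST=192.0.2.44 DPT=25 ACTION=DROP
2006-02-20T09:01:00 SRC=192.168.1.13 DST=203.0.113.10 DPT=225 ACTION=ACCEPT
2006-02-20T09:01:01 SRC=192.168.1.13 DST=203.0.113.10 DPT=225 ACTION=ACCEPT
2006-02-20T09:01:02 SRC=192.168.1.13 DST=203.0.113.10 DPT=225 ACTION=ACCEPT
2006-02-20T09:01:03 SRC=192.168.1.13 DST=203.0.113.10 DPT=225 ACTION=ACCEPT
2006-02-20T09:01:04 SRC=192.168.1.13 DST=203.0.113.10 DPT=225 ACTION=ACCEPT
2006-02-20T09:02:00 SRC=192.168.1.11 DST=192.0.2.80 DPT=80 ACTION=ACCEPT
router restarted, log truncated
"""

def analyze(log_text):
    """Return (direct_smtp_attempts, heavy_submitters), each keyed by source IP."""
    direct_smtp = Counter()   # workstations trying port 25 despite the block
    submissions = Counter()   # workstations sending through the proxy port
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue          # skip lines that are not connection records
        src, dst, dpt = m["src"], m["dst"], int(m["dpt"])
        if dpt == SMTP_PORT:
            # Outlook is configured for port 225, so any workstation-originated
            # port 25 attempt is unexpected and worth investigating.
            direct_smtp[src] += 1
        elif dpt == SUBMIT_PORT and dst == MAIL_SERVER_IP:
            submissions[src] += 1
    heavy = {ip: n for ip, n in submissions.items() if n > SUBMIT_THRESHOLD}
    return dict(direct_smtp), heavy

if __name__ == "__main__":
    print(analyze(SAMPLE_LOG))
```
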

