redirect smtp on one IP to another IP

I’m attempting to re-route smtp traffic that will come to my web server address to our new mail server. Both are CentOS / Interworx systems. It does not seem to be working.

I’ve modified the /etc/afp/preroute.rules as follows:

eout "{glob} loading preroute.rules"

# place your custom routing rules below

iptables -t nat -A PREROUTING -p tcp -d [mywebserverip] --dport 25 -j DNAT --to-destination [myemailserverip]

Any help would be appreciated.

Hi mikei

You can set this for all or specific domain(s) without editing any files from nodeworx, server settings, mail server, mta smarthost

I hope that helps

Many thanks

John

Thank you for your reply. Can you please clarify the location?

I found something similar in System Services : Mail Server : MTA Settings : MTA SMTP Options : SMTP Routes

Is this the location you were referencing?

Hi mikei

I’m sorry, my memory is fading

Yes, that’s exactly the location for setting SMTP routes.

Many thanks

John

John is correct – setting the smtp route to your external mail server should act as a mail relay. If you’re interested, here’s how you can edit the smtp route from the command line: http://www.interworx.com/support/faq/how-to-forward-to-an-external-smtp-server/

Brett,

Now you’ve confused me. I’m looking for a solution that will solve the following scenario:

User x has myserver.com as its smtp connection
myserver.com is my webserver (for it all used to be on one machine)
I cannot change x’s smtp credentials or settings
when user x connects to my server at myserver.com via port 25 I want myserver to route the entire port to mymailserver.myserver.com

Your pointer to the faq talks about SENDING messages from interworx not receiving/relaying.

Are they the same thing?

Hi mikei

Sorry, I think perhaps you’re getting slightly confused.

Brett’s link is a manual edit if you wanted to use that, whereas iw-cp smtp route does this for you. I’m sorry though, I’m currently onsite at clients so I have not had a look at Brett’s link yet, but I remember it.

If your client is using email, it will use whichever server address you supply, which in turn will resolve to whichever IP address you set in dns records, which you would usually set MX and use MX records for this.

The smtp route is a way of transferring outgoing email to a smarthost.

If you want to send all outgoing via the MX record set, you can disable the email locally in full for all domains from nodeworx, plugin, email or manually edit a given siteworx account and disable email locally, siteworx, administration, email

This though, would not change the MX record set in dns and to be honest, given your description, I would do the following

Set the MX record to your email server and disable email locally.

We use the above as I describe with some of our clients, as we are an ESP, and have full dedicated managed mail systems and it works lovely, certainly I have never heard of any issues with relation to this setup from our clients.

Many thanks

John

Hi mikei

Sorry, I’ve just reread and smtp routes works but you also need to disable email locally, as this will push the email to the MX record.

I hope this makes more sense now

Many thanks

John

Yes indeed you have totally confused me.

We’re not talking about MX records here. To clarify user x is not a real person, nor a traditional mail client, it is a device simply using our SMTP to send an email. I do not want this device to use my webserver as an SMTP server anymore.

"User x has myserver.com as its smtp connection
myserver.com is my webserver (for it all used to be on one machine)
I cannot change x’s smtp credentials or settings
when user x connects to my server at myserver.com via port 25 I want myserver to route the entire port to mymailserver.myserver.com "

Hi mikei

I figured user x was not real…

I think I fully understand your question now, sorry but feel free to correct me

You are wanting to forward all connections to port 25 or 587 on a specific IP address to be sent directly to a different IP address in use on another server, so that it never uses in full any service connected with your IW hosting server.

If that is the case, you will need to look at your distro and put a forwarder port onto the port, which is nothing to do with IW-cp.

I guess it would be at routing level, but looking at your first post, you may achieve this if you run the code directly.

I’m sorry I cannot help any more as we have always set smtp clients to use MX.

Many thanks

John

John,

First of all thank you for your insightful responses. I believe “you have it by Job”!

So doesn’t this go back to my original post? The system is not processing the iptables statement posted in AFP?

Hi mikei

Many thanks, I can be a little slow sometimes sorry.

No sorry, apf has nothing to do with smtp routes, albeit I understand why you think it might have.

Apf or iptables can be changed manually as well as from IW-cp, and these process at a lower level than smtp routes I believe from memory.

To be honest, thinking about it, both options will give the same result you’re looking for, and both options are using your IW hosting server.

To fully not use your IW hosting server for port 25 or 587, you would need to have a firewall or similar device in front of your IW hosting server, and route the port on this device. This then would not use any service on your IW hosting server as it’s changed before it gets to your IW hosting server.

I hope that helps a little

Many thanks

John

Hi Mikei

Sorry, your original code is missing iptable binaries, therefore preroute.rules would not process your rule.

Also, if using apf rules, please be aware there is a 10 minute refresh of these rules.

Many thanks

John

Hi Mikei

Please see below for the preroute.rules entries you’re looking for, but please change as you require, and make sure you set the correct eth (eth0 or eth1 etc…)
I hope that helps a little
Many thanks
John
/sbin/iptables -t nat -A PREROUTING -p tcp --dport 25 -i eth1 -j DNAT --to [myemailserverip]:25
/sbin/iptables -t nat -A PREROUTING -p tcp --dport 587 -i eth1 -j DNAT --to [myemailserverip]:587
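
A DNAT rule like the ones in this thread only rewrites the destination address; the web server must also forward the packets, and the replies must come back through it. The script below is an added example, not part of the thread or of APF/InterWorx: it audits an `iptables-save` dump for those pieces. The address 192.0.2.25 and both dumps are constructed stand-ins for [myemailserverip] and a real rule set.

```shell
# Added example, not from the thread. 192.0.2.25 is a constructed stand-in for
# [myemailserverip]; real input: `iptables-save` and /proc/sys/net/ipv4/ip_forward.
MAIL_IP="192.0.2.25"
# Constructed dump: only a DNAT rule like the one in the thread is loaded.
SAMPLE_DNAT_ONLY='*nat
-A PREROUTING -i eth1 -p tcp -m tcp --dport 25 -j DNAT --to-destination 192.0.2.25:25
COMMIT
*filter
:FORWARD DROP [0:0]
COMMIT'
# Constructed dump: DNAT plus forwarding and return-path rules.
SAMPLE_COMPLETE='*nat
-A PREROUTING -i eth1 -p tcp -m tcp --dport 25 -j DNAT --to-destination 192.0.2.25:25
-A POSTROUTING -d 192.0.2.25/32 -p tcp -m tcp --dport 25 -j MASQUERADE
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -d 192.0.2.25/32 -p tcp -m tcp --dport 25 -j ACCEPT
COMMIT'

# match RULES CHAIN STR...: true if one rule in CHAIN contains every STR.
match() {
    m_lines=$(printf '%s\n' "$1" | grep -- "^-A $2 " || :)
    shift 2
    for m_str in "$@"; do
        m_lines=$(printf '%s\n' "$m_lines" | grep -F -- "$m_str" || :)
    done
    [ -n "$m_lines" ]
}

# audit_smtp_dnat RULES IP_FORWARD MAIL_IP PORT: prints missing pieces or "ok".
# Substring heuristic only: rule order and other tables are not evaluated.
audit_smtp_dnat() {
    rules=$1; fwd=$2; ip=$3; port=$4; missing=""
    [ "$fwd" = "1" ] || missing="$missing ip_forward"   # kernel must route
    match "$rules" PREROUTING "--dport $port " "-j DNAT --to-destination $ip" \
        || missing="$missing dnat"
    # Rewritten packets traverse FORWARD, so a DROP policy needs an ACCEPT.
    if ! printf '%s\n' "$rules" | grep -q '^:FORWARD ACCEPT'; then
        match "$rules" FORWARD "-d $ip/32" "--dport $port " "-j ACCEPT" \
            || missing="$missing forward"
    fi
    # Without source NAT the mail server replies to the client directly.
    match "$rules" POSTROUTING "-d $ip/32" "--dport $port " "-j MASQUERADE" \
        || match "$rules" POSTROUTING "-d $ip/32" "--dport $port " "-j SNAT" \
        || missing="$missing return_path"
    missing=${missing# }; echo "${missing:-ok}"
}
audit_smtp_dnat "$SAMPLE_DNAT_ONLY" 0 "$MAIL_IP" 25
```

With MASQUERADE or SNAT in place, the mail server sees every redirected session as coming from the web server's address, so the mail server should not treat that address as a trusted relay source. The source-NAT rule is unnecessary only when the mail server's route back to clients already passes through the web server.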