HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials


teixeira 17th November 2008 16:29

Spamsnake with a 2nd mail server. How 2 redirect SMTP connections
 
Hello HTF community,

I have 2 mail servers, the great spamsnake and the main mail server.
After implementing the spamsnake, I changed the DNS MX records so that spamsnake is the first MX record and the Main Mailserver the 2nd, to make spamsnake behave like a gateway.

I don't know why, but I still (after 72 hrs of DNS propagation) receive emails directly on the main server, instead of them all passing through the spamsnake.

I would like to know if there is any possibility to "redirect" all the external SMTP connections from the Main Mailserver to spamsnake, and then spamsnake knows that it has to relay the processed mail to the Main Mailserver.

Any suggestions or tips that can be useful to me?


Thanks.

BR,
Teixeira

Rocky 17th November 2008 17:05

Hey,

I used my router to port forward 25 to my SpamSnake. Now all email traffic goes to my SpamSnake then gets relayed to my MTA.

Rocky

teixeira 17th November 2008 17:42

Hey Rocky,

Sounds like a good solution, but I have a problem that doesn't allow me to use it.

SpamSnake is just the gateway machine that filters and cleans the email at the "front door", and the back Mailserver (the main one) is where users have their mailboxes and is where users connect to send (SMTP Authentication)/receive email.

Due to this, I could do as you suggested and redirect the traffic accordingly, but the problem is that I have external users that need to connect to the back main mail server, not only the foreign MTAs that deliver mail to my domain.

I forwarded port 25 in my router to test and it's OK, but I don't know how to solve the problem of external people sending emails normally.

Any suggestions?

Br,
Teixeira

Rocky 17th November 2008 19:35

Your users should still be able to log in remotely via web access. As for sending emails, only inbound port 25 activity should be diverted and not outbound. Have you tried it?

If you log in via webmail, can you send and receive emails? What MTA are you using behind the SpamSnake?

teixeira 17th November 2008 20:26

Hey,

Following your email, I found 1 big problem in my spamsnake.
I can use a fake user through a LAN connection and even through a WAN connection,
connect to spamsnake and send emails to my domain.
I mean: fakeuser@mydomain.com can send emails to an existing one, e.g. existinguser@mydomain.com

How can I avoid this happening?

Answering your post, my MTA behind SpamSnake is Qmail.

Many thanks,
Teixeira

Rocky 17th November 2008 20:36

Are you using relay_recipients?

teixeira 17th November 2008 20:50

Yes I am.

I use this directive in main.cf
relay_recipient_maps = hash:/etc/postfix/relay_recipients
and I postmapped it.

Inside this file I have all the email addresses that can receive emails in my domain.


Should I look for something like SMTP authentication and try to add it to the Postfix config?

Thanks,
br,
Teixeira

Rocky 17th November 2008 21:10

You should be able to send emails to valid users, that's the normal operation, even if you're sending it as a non-existing user. Postfix will catch the mail and relay it if the user exists on your MTA or in your relay_recipient file.

It will even allow emails sent from a valid user to another valid user. If this email is indeed a spam, MailScanner will pick up on it and tag it appropriately.

It will not allow you to send a test email from any domain to another domain outside of the ones you're relaying for. You should get relay access denied when trying this.

teixeira 17th November 2008 21:21

True. I sent an email with a fake account to a valid recipient address with CC to my Gmail account and, in fact, I got the relay-related error as you described.

But, and here is my concern, I used an external machine remotely to send an email to me. I created an email account with a fake sender but a valid recipient, and the mail was delivered to my mailbox.

What's your opinion about securing the spamsnake a little more by adding SASL?

br,
Teixeira

Rocky 18th November 2008 14:29

Optional
 
Well since Postfix was designed to work the way you described, the operation would be deemed normal.

As for SASL, I really don't think that's necessary. The SpamSnake is just a gateway that doesn't store the emails. It doesn't allow webmail access and doesn't have real users created. If you've implemented the firewall, at the end of the guide, you're already very secure.

My system has been up and running for the longest while without any failures or security breaches. The SpamSnake was built with security in mind and thus, you shouldn't have to implement any other features as it's already very protected.

Don't forget, you have to train your MailScanner via MailWatch. This will improve the accuracy of the spam engine.

Good Luck:)

Rocky
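
An added example, not part of the original thread or the SpamSnake guide: a Python check over Postfix gateway logs that flags messages whose envelope sender claims the local domain while the SMTP client sits outside the trusted network, which is the case teixeira tested from a remote machine. The log lines, the hostname, the trusted range and the recipient set are constructed assumptions; `mydomain.com` and the two addresses are the thread's own placeholders.

```python
import ipaddress
import re

# Assumptions (not from the thread): this range stands in for the gateway's
# trusted networks, and the set stands in for /etc/postfix/relay_recipients.
LOCAL_DOMAIN = "mydomain.com"
TRUSTED_NETS = [ipaddress.ip_network("192.168.1.0/24")]
RELAY_RECIPIENTS = {"existinguser@mydomain.com"}

# Constructed sample lines in the usual Postfix smtpd/qmgr syslog layout.
SAMPLE_LOG = """\
Nov 17 20:20:01 spamsnake postfix/smtpd[2101]: 1A2B3C4D5E: client=unknown[203.0.113.7]
Nov 17 20:20:01 spamsnake postfix/qmgr[1502]: 1A2B3C4D5E: from=<fakeuser@mydomain.com>, size=812, nrcpt=1 (queue active)
Nov 17 20:21:10 spamsnake postfix/smtpd[2102]: 2B3C4D5E6F: client=mail.example.org[198.51.100.25]
Nov 17 20:21:10 spamsnake postfix/qmgr[1502]: 2B3C4D5E6F: from=<alice@example.org>, size=1430, nrcpt=1 (queue active)
Nov 17 20:22:30 spamsnake postfix/smtpd[2103]: 3C4D5E6F70: client=qmail.lan[192.168.1.10]
Nov 17 20:22:30 spamsnake postfix/qmgr[1502]: 3C4D5E6F70: from=<existinguser@mydomain.com>, size=990, nrcpt=1 (queue active)
Nov 17 20:23:45 spamsnake postfix/smtpd[2104]: 4D5E6F7081: client=unknown[203.0.113.9]
Nov 17 20:23:45 spamsnake postfix/qmgr[1502]: 4D5E6F7081: from=<existinguser@mydomain.com>, size=700, nrcpt=1 (queue active)
"""

CLIENT_RE = re.compile(r"postfix/smtpd\[\d+\]: ([0-9A-F]+): client=\S*\[([0-9a-fA-F.:]+)\]")
FROM_RE = re.compile(r"postfix/qmgr\[\d+\]: ([0-9A-F]+): from=<([^>]*)>")


def find_spoofed_local_senders(log_text):
    """Return (queue_id, client_ip, sender, reason) for suspicious messages."""
    clients, findings = {}, []
    for line in log_text.splitlines():
        m = CLIENT_RE.search(line)
        if m:  # remember which client opened each queue id
            clients[m.group(1)] = ipaddress.ip_address(m.group(2))
            continue
        m = FROM_RE.search(line)
        if not m or m.group(1) not in clients:
            continue
        qid, sender = m.group(1), m.group(2).lower()
        ip = clients[qid]
        # Skip foreign-domain senders and anything from the trusted network.
        if not sender.endswith("@" + LOCAL_DOMAIN) or any(ip in n for n in TRUSTED_NETS):
            continue
        reason = "known address" if sender in RELAY_RECIPIENTS else "unlisted address"
        findings.append((qid, str(ip), sender, reason + " from untrusted client"))
    return findings


if __name__ == "__main__":
    for finding in find_spoofed_local_senders(SAMPLE_LOG):
        print(*finding, sep="  ")
```
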


All times are GMT +2.