On Wed, 21 Mar 2001 15:19:09 -0700, you wrote:
But: smtps is on port 465. I configured my clients such that they use that port. So far so good. But now port 25 can still be used to send email. I could block it at the firewall but then I am not able to receive email any more, because other mailservers are talking with me on that port. (right?)
Firewall it on the local machine; Linux has firewalling capabilities (ipchains in 2.2, iptables in 2.4).
I think it would be possible to make a kind of "conditional" port-forwarding (based on clients' IP). It should be similar to the transparent proxying process: you set some ipchains/iptables rules with the -j REDIRECT target. For instance: "packets coming from our local clients and destined to port 25 should be redirected to port 465". This is easy to achieve (documented in many docs: nat, fws, squid, transparent-proxy minihowto, etc.). You should also set the return path: "all packets destined to our local clients coming from port 465 must be mangled to show as if they came from port 25" (it's another redirection).

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
** RoMaN SoFt / LLFB **
roman@madrid.com
http://pagina.de/romansoft
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~