Mailinglist Archive: opensuse-security (423 mails)

< Previous Next >
Re: [suse-security] Sendmail SMTP AUTH / SSL
  • From: RoMaN SoFt / LLFB!! <roman@xxxxxxxxxx>
  • Date: Sat, 24 Mar 2001 12:43:10 +0100
  • Message-id: <vn0pbt8369oelnt65rfnefb7k02r8pqfbt@xxxxxxx>
On Wed, 21 Mar 2001 15:19:09 -0700, you wrote:

>> But: smpts is on port 465. I configured my clients such that they use that
>> port. So far so good. But now port 25 can still be used to send email. I
>> could block it at the firewall but then I am not able to receive email any
>> more, because other mailservers are talking with me on that port. (right?)
>firewall it on the local machine, Linux has firewalling capabilities (ipchains
>in 2.2, iptables in 2.4).

I think it would be possible to make a kind of "conditional"
port-forwarding (based on clients' ip). It should be similar as
transparent proxying process: you set some ipchains/iptables rules
with -j REDIRECT target. For instance: "packets coming from our local
clients and destined to port 25 should be redirected to port 465".
This is easy to achieve (documented in many docs: nat, fws, squid,
transparent-proxy minihowto, etc). You should also set the return
path: "all packets destined to our local clients coming from port 465
must be mangled to show as if they came from port 25" (it's another

** RoMaN SoFt / LLFB **

< Previous Next >