900 Views 3 Replies Latest reply: Apr 23, 2013 11:28 PM by mrkylewood RSS
mrkylewood Newcomer 3 posts since
Apr 22, 2013

Apr 22, 2013 11:45 PM

SMTP port forwarding for exchange server WOES.

Running a McAfee Sidewinder version 70103

 

I have created two rules, an inbound and outbound smtp rule.

 

 

79 | out | Yes | Allow | smtp stuff | internal | 1.163.1.10 | external | <Any> | <Default Group> | 25/tcp
80 | in | Yes | Allow | smtp stuff | external | <Any> | internal | 1.163.1.10 | <Default Group> | 25/tcp

 

 

 

If I go to canyouseeme.org, inside my network, it says that port 25 is open.  If I try to telnet into my mail server (using port 25) from another public IP, I do not get a response.  Likewise, if I am inside my network and I try to telnet into a publicly accessible mail server (smtp.comcast.net) I get no response.  When I look at the monitor section, after I have tried to telnet into the mail server I get this:

Capture.JPG

 

 

 

 

Basically the deny all rule is blocking my smtp traffic, which SHOULD be let through to my mail server.  I have spent over a week on this every night and am at my wits' end.  Any advice would be invaluable at this point.

I have made sure that the 2 smtp rules are above the deny all rule.  HELP!

 

Message was edited by: mrkylewood on 4/22/13 11:45:04 PM CDT
  • PhilM Champion 528 posts since
    Jan 7, 2010
    2. Apr 23, 2013 2:45 AM (in response to mrkylewood)
    Re: SMTP port forwarding for exchange server WOES.

    Hi

     

    A couple of things to check before you try anything else:-

     

    This Firewall has two SMTP modes: transparent SMTP proxy services (where the traffic passes through the Firewall) and a split sendmail mode (where two sendmail servers run on the Firewall). The two modes can't co-exist, so if you are running in sendmail mode, but are trying to use SMTP proxies, the problem may be that because the sendmail service takes control of port 25, the rules allowing traffic to pass through aren't likely to work.

     

    If you go to Maintenance -> Reconfigure Mail in the Admin GUI you will be able to see which mode the Firewall is currently using. If it doesn't say that the current SMTP Mode is "Transparent" then you'll need to change it before you do anything else.

     

    The second one concerns the construction of the rules, specifically the inbound rule. Do you have routable addresses on each side of your Firewall? If not, your inbound rule is unlikely to work. It will need to be source burb=external, source=<Any>, dest burb=external, dest=<address object for external IP address> and then use the redirect host element to pass the traffic through to the address object representing the actual address of the Exchange server.

     

    -Phil.
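
The inbound rule construction described in the reply above, as an added example that is not part of the original thread and not the firewall's own code: a simplified first-match rule model showing why rule 80 as posted falls through to the deny all rule while the redirect form matches. The matching logic, the external address 203.0.113.10 and the client address 198.51.100.7 are assumptions constructed for illustration, and the model assumes non-routable internal addressing.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

EXTERNAL_IP = "203.0.113.10"   # constructed placeholder for the firewall's external address
EXCHANGE_IP = "1.163.1.10"     # internal mail server address from the thread

@dataclass
class Rule:
    name: str
    action: str                 # "allow" or "deny"
    src_burb: str               # burb name, or "any"
    src: str                    # "any" or an IP address
    dst_burb: str
    dst: str
    port: Optional[int] = None  # None matches every port
    redirect: Optional[str] = None

def _addr_match(spec, ip):
    return spec == "any" or ipaddress.ip_address(spec) == ipaddress.ip_address(ip)

def evaluate(rules, src_burb, src_ip, dst_burb, dst_ip, port):
    """Return (rule name, action, address the connection is delivered to)."""
    for r in rules:  # assumed model: first matching rule wins, top to bottom
        if (r.src_burb in (src_burb, "any") and r.dst_burb in (dst_burb, "any")
                and _addr_match(r.src, src_ip) and _addr_match(r.dst, dst_ip)
                and r.port in (None, port)):
            delivered = (r.redirect or dst_ip) if r.action == "allow" else None
            return r.name, r.action, delivered
    return "implicit", "deny", None

DENY_ALL = Rule("deny all", "deny", "any", "any", "any", "any")

# Rule 80 as posted: destination is the internal address in the internal burb.
AS_POSTED = [Rule("in", "allow", "external", "any", "internal", EXCHANGE_IP, 25), DENY_ALL]

# Rule as PhilM describes: destination is the external address, redirected inward.
WITH_REDIRECT = [Rule("in", "allow", "external", "any", "external", EXTERNAL_IP, 25,
                      redirect=EXCHANGE_IP), DENY_ALL]

# Constructed connection: an Internet host connects to the external address on 25/tcp.
# Before any redirect, its destination lies in the external burb.
CONN = ("external", "198.51.100.7", "external", EXTERNAL_IP, 25)

def compare():
    """Evaluate the same connection against both rule sets."""
    return evaluate(AS_POSTED, *CONN), evaluate(WITH_REDIRECT, *CONN)
```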
