redirect MC relay users to a different relay server.

Users tips and ideas

Moderators: FlorianB, Pascal, bourgeois, mentor

dallenk
Posts: 45
Joined: Thu Nov 10, 2011 7:06 am
How did you hear about Mailcleaner: google

redirect MC relay users to a different relay server.

Postby dallenk » Mon Nov 28, 2011 9:24 am

I had a problem with users relaying through MC when outside of my network because of my ISP blocking outbound mail unless it goes through their own MTA. and MC attempts to deliver it directly..they say it's to help spam from infected hosts.. See http://forum.mailcleaner.org/viewtopic.php?f=14&t=1317

So I put a quick hack into the /usr/mailcleaner/bin/dump_firewall.sh script to get around my ISP's stupid firewall requiring me to use their relay server for any outbound mail.. This will redirect anything MC tries to deliver directly (but not to your normal delivery host), to a relay server of your choice. Useful if you keep logs of every piece of mail originating from your organization or users, our your ISP wont' allow direct connections...

If you have multiple NIC's you can customize it easily enough. Also, if you have multiple domains, with different destination IP address, you can add as many as you need.. I have two rules for one server because I'm using two NIC's for fault tolerance..

Stick these near the top where variables are declared. You can use hostname or IP address.

Code: Select all

my $MC_IP1     = "111.11.111.11";     # Your MailCleaner source interface IP address,
my $MC_IP2     = "111.111.11.12";     # Your MailCleaner source interface IP address,
my $mtaIP      = "222.22.222.22";     # Your MTA IP address MC normally forwards too for the domain
my $relayMTA   = "222.22.222.22";     # IP of the relay server you want to redirect MC's mail deliveries too, might be the same as mtaIP
my $relayPort  = "25";                # Port..


put this in the do_start_script sub.. I inserted it after: print START "# local interface\n";

Code: Select all

  print START "\n# Hack to redirect relayed mail to my MTA instead of MC trying to deliver directly.\n";
  print START $iptables." -t nat -A OUTPUT -p tcp -s ".$MC_IP1." -d! ".$mtaIP." --dport 25 -j DNAT --to-destination ".$relayMTA.":".$relayPort."\n";
  print START $iptables." -t nat -A OUTPUT -p tcp -s ".$MC_IP2." -d! ".$mtaIP." --dport 25 -j DNAT --to-destination ".$relayMTA.":".$relayPort."\n";


then restart mailcleaner (i don't know if just starting the firewall is enough.. didn't try.

I'm trying to incorporate that into MC's administration section, but I have to re-learn lots of coding.. it's been years... Would be a great feature addition to MC
marc@ion
Posts: 103
Joined: Sun Jan 31, 2010 5:16 pm
How did you hear about Mailcleaner: Consultant
Location: Luxembourg
Contact:

Re: redirect MC relay users to a different relay server.

Postby marc@ion » Mon Nov 28, 2011 10:17 pm

Hi,

I'm not 100% sure, but did you check out the "smtp proxy" feature?
-> Configuration -> Base System -> Proxies -> SMTP Proxy?

I do you iptables rules to manipulate some traffic too, but in the most "basic" case, the smtp proxy should do what you need.

Best regards,

MM
dallenk
Posts: 45
Joined: Thu Nov 10, 2011 7:06 am
How did you hear about Mailcleaner: google

Re: redirect MC relay users to a different relay server.

Postby dallenk » Mon Nov 28, 2011 11:04 pm

yup I sure did.. but my problem goes deeper than that when I need to force MC to send email to different servers for delivery. I explain my reasons here: http://forum.mailcleaner.org/viewtopic.php?f=14&t=1317#p5550

the proxy just isn't enough to do what I need.

Return to “Tips”

Who is online

Users browsing this forum: No registered users and 1 guest