Scully87
05-16-2003, 10:53 AM
Hello All,
Here's the scenario.
I'm testing a new email server with a test domain name, mydomain.net. I also have my production mail server, mydomain.com. They're both behind my Linux firewall. Right now routing works fine. Incoming and outgoing mail works if I only have one going at a time. They will both send outgoing mail, but only one receives incoming mail. The problem is in the iptables script. Here's what my mail routing/forwarding looks like now:
#Forwarding related to mail:
iptables -A FORWARD -i $EXTIF -o $INTIF -p tcp -d $INTSMTP --dport 25 -j ACCEPT
#Forwarding incoming SMTP connections:
iptables -t nat -A PREROUTING -i $EXTIF -p tcp -d $EXTIP --dport 25 -j DNAT --to $INTSMTP:25
I would like to be able to route/forward the incoming mail by host destination. For example, mail hitting the firewall bound for mydomain.com (production) gets routed to the production mail server. Mail bound for mydomain.net (lab) gets routed to the test mail server.
I tried changing the -d $EXTIP variable to -d mydomain.net, also -d mail.mydomain.net.
That resulted in the firewall blocking the incoming attempt. I tried placing this rule in front of the change:
iptables -A INPUT -i $EXTIF -p tcp -s $UNI -d $EXTIP --dport 25 -j ACCEPT
That resulted in the incoming mail not being blocked, but it still would not route to the test mail server. I had to add an entry to my host file with the name and IP of the internal server, which is on a private IP.
Any ideas?
Thanks in advance
Cheers,
Scully
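
Added example, not part of the original post: netfilter chooses the DNAT target from the first packet's destination IP and port, and a hostname given to -d is resolved to an address once when the rule is loaded, so the recipient domain (which only appears later in the SMTP dialogue) cannot be matched by these rules. The sketch below assumes each mail server gets its own public IP and MX record; the addresses, the IPT dry-run variable and the mail_rules helper are constructed for illustration.

```shell
#!/bin/sh
# Added example (not the poster's script). One public IP per mail server,
# because PREROUTING can only match on IP/port, never on the mail domain.
# All addresses are constructed (RFC 5737 / RFC 1918 ranges).

IPT="${IPT:-echo iptables}"   # dry run by default; set IPT=iptables to apply
EXTIF="${EXTIF:-eth0}"        # assumed external interface name
INTIF="${INTIF:-eth1}"        # assumed internal interface name

# mail_rules PUBLIC_IP=INTERNAL_IP ...
# Emits one DNAT + FORWARD pair per mapping. Returns 1 before emitting
# anything if a public IP is listed twice: the first PREROUTING match wins,
# so the second server would never receive mail (the symptom in the post).
mail_rules() {
    seen=""
    for map in "$@"; do
        pub=${map%%=*}
        case " $seen " in
            *" $pub "*)
                echo "duplicate public IP $pub: only the first DNAT rule would match" >&2
                return 1 ;;
        esac
        seen="$seen $pub"
    done
    for map in "$@"; do
        pub=${map%%=*}
        int=${map#*=}
        # Rewrite the destination of inbound SMTP for this public IP.
        $IPT -t nat -A PREROUTING -i "$EXTIF" -p tcp -d "$pub" --dport 25 \
            -j DNAT --to-destination "$int:25"
        # Allow the rewritten connection through to the internal server.
        $IPT -A FORWARD -i "$EXTIF" -o "$INTIF" -p tcp -d "$int" --dport 25 -j ACCEPT
    done
}

# Usage: production on one public IP, lab on another.
# mail_rules 203.0.113.10=192.168.1.10 203.0.113.11=192.168.1.20
```

With a single public IP, the split has to happen above the packet filter, for example in an SMTP relay that routes by recipient domain.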