SMTP Traffic Routing

Hello All,

I am wondering if anyone knows of a way to Route all outbound SMTP
traffic through a specific IP address. Here is the Scenario:

I have a SonicWall with enhanced OS. It of course has a WAN IP address.
It also has 2 IP addresses associated with the OPT port for public
servers. I recently changed the IP address of my mail server from
public to private. What i am looking to do is tell the SonicWall to
take any SMTP (Or all traffic if that is easier) and send it out of one
of the IP addresses associated with the OPT interface.

The reason for my doing this is that the MX record is pointed to one of
the IP addresses of the OPT port. If I send mail out and it goes out of
the IP that is associated with the WAN port (Different than the OPT IP)
it is categorized as SPAM as the MX reverse look up is bad.

If anyone can provide any opinions or solutions it would be greatly
appreciated.

Thanks,

Jason

Re: SMTP Traffic Routing

DigitalKid wrote:
> The reason for my doing this is that the MX record is pointed to one
> of the IP addresses of the OPT port. If I send mail out and it goes
> out of the IP that is associated with the WAN port (Different than the
> OPT IP) it is categorized as SPAM as the MX reverse look up is bad.

Tell whoever is doing this to stop being an idiot. The MX is the host
supposed to *receive* mail. The MX record doesn't say anything at all
about which host is sending out mail from this domain.

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich

Re: SMTP Traffic Routing

On Sat, 20 Jan 2007 23:20:28 +0000, Ansgar -59cobalt- Wiechers wrote:

> DigitalKid wrote:
>> The reason for my doing this is that the MX record is pointed to one
>> of the IP addresses of the OPT port. If I send mail out and it goes
>> out of the IP that is associated with the WAN port (Different than the
>> OPT IP) it is categorized as SPAM as the MX reverse look up is bad.
>
> Tell whoever is doing this to stop being an idiot. The MX is the host
> supposed to *receive* mail. The MX record doesn't say anything at all
> about which host is sending out mail from this domain.

If I understand what you are saying, I can only ask......
Are you for real?


--

Regards
Robert

Smile... it increases your face value!


----== Posted via Newsfeeds.Com - Unlimited-Unrestricted-Secure Usenet News==----
http://www.newsfeeds.com The #1 Newsgroup Service in the World! 120,000+ Newsgroups
----= East and West-Coast Server Farms - Total Privacy via Encryption =----

Re: SMTP Traffic Routing

Robert wrote:
> On Sat, 20 Jan 2007 23:20:28 +0000, Ansgar -59cobalt- Wiechers wrote:
> > DigitalKid wrote:
> >> The reason for my doing this is that the MX record is pointed to one
> >> of the IP addresses of the OPT port. If I send mail out and it goes
> >> out of the IP that is associated with the WAN port (Different than the
> >> OPT IP) it is categorized as SPAM as the MX reverse look up is bad.
> > Tell whoever is doing this to stop being an idiot. The MX is the host
> > supposed to *receive* mail. The MX record doesn't say anything at all
> > about which host is sending out mail from this domain.
> If I understand what you are saying, I can only ask......
> Are you for real?

Ansgar is right.

Please read RFC 974 / STD 10.

Yours,
VB.
--
"Pornography is an abstract phenomenon. It cannot exist without a medium
to propagate it, and it has very little (if anything at all) to do with sex."
Tina Lorenz

Re: SMTP Traffic Routing

Robert wrote:
> On Sat, 20 Jan 2007 23:20:28 +0000, Ansgar -59cobalt- Wiechers wrote:
>> DigitalKid wrote:
>>> The reason for my doing this is that the MX record is pointed to one
>>> of the IP addresses of the OPT port. If I send mail out and it goes
>>> out of the IP that is associated with the WAN port (Different than
>>> the OPT IP) it is categorized as SPAM as the MX reverse look up is
>>> bad.
>>
>> Tell whoever is doing this to stop being an idiot. The MX is the host
>> supposed to *receive* mail. The MX record doesn't say anything at all
>> about which host is sending out mail from this domain.
>
> If I understand what you are saying, I can only ask......
> Are you for real?

Yes.

However, if the OP must work around this he might try configuring the MX
as the smarthost for his clients/MTAs and have the SonicWall send out
all traffic from the MX on the OPT interface (if possible, I'm not
familiar with SonicWall or the OP's network).

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich

Re: SMTP Traffic Routing

I understand what your issue is as we also have recently had this
issue. For those who have previously replied you need the mx record to
be attached to the emails or else companies such as aol and bt internet
are unable to carry out a Rdns on the emails so classify it as spam and
refuse to accept it.
What you need to do is setup a NAT rule whereby the mx record ip
address is transformed to your public address - then you need to tick
the create reverse rule option - this will set it up to send mail from
your internal to external ips using the mx record ip.
Dont forget to apply the correct firewall rules as well.
Should you have any problems feel free to email me as i know it can be
a pain to solve.

Phil


DigitalKid wrote:
> Hello All,
>
> I am wondering if anyone knows of a way to Route all outbound SMTP
> traffic through a specific IP address. Here is the Scenario:
>
> I have a SonicWall with enhanced OS. It of course has a WAN IP address.
> It also has 2 IP addresses associated with the OPT port for public
> servers. I recently changed the IP address of my mail server from> take any SMTP (Or all traffic if that is easier) and send it out of one
> of the IP addresses associated with the OPT interface.
>
> The reason for my doing this is that the MX record is pointed to one of
> the IP addresses of the OPT port. If I send mail out and it goes out of
> public to private. What i am looking to do is tell the SonicWall to

> the IP that is associated with the WAN port (Different than the OPT IP)
> it is categorized as SPAM as the MX reverse look up is bad.
>
> If anyone can provide any opinions or solutions it would be greatly
> appreciated.
>
> Thanks,
>
> Jason

Re: SMTP Traffic Routing

Phil wrote:
> I understand what your issue is as we also have recently had this
> issue. For those who have previously replied you need the mx record to
> be attached to the emails or else companies such as aol and bt
> internet are unable to carry out a Rdns on the emails so classify it
> as spam and refuse to accept it.

Do they require that the rDNS lookup is successful (i.e. returns a name)
or do they require that the rDNS lookup matches a/the MX record? The
latter would be - as stated before - utter nonsense.

> What you need to do is setup a NAT rule whereby the mx record ip
> address is transformed to your public address -

No. What you need to do - if you must work around this - is to use your
MX as a smarthost for sending out mail, and make sure that outbound
communication of the MX is NATed to the IP address given in the MX
record.

Or, since the MX host has a private address, maybe you can change the MX
entry in DNS to the public IP address and forward port 25/tcp to the MX.

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich