[c-nsp] SMTP Redirection

a. rahman isnaini r. sutan risnaini at speed.net.id
Fri Aug 17 20:25:09 EDT 2007


"layer3 header information is not being changed" > right !.
DNAT on the current gateway ?

:: a. rahman isnaini r. sutan



----- Original Message ----- 
From: "Julio Arruda" <jarruda-cnsp at jarruda.com>
To: <cisco-nsp at puck.nether.net>
Sent: Saturday, August 18, 2007 7:12 AM
Subject: Re: [c-nsp] SMTP Redirection


:
: The traffic is being routed to the next-hop, but I would assume the
: layer3 header information is not being changed, so, the traffic is
: arriving at 192.168.20.20 would still have 'destination IP == original
: smtp server. you would need to DNAT the traffic somewhere so the IP
: stack in the 'intercept' server would see the traffic.
:
: a. rahman isnaini r. sutan wrote:
: > Hallo Jorge,
: >
: > I did, as the next hop is only ip not with the specific port.
: > Any destination to smtp will be redirected to 192.168.20.20 which in 
this
: > config should be directly connected to to gateway (router), while in 
many
: > providers their smtp oftenly covered by firewall which might be 3-4 hops
: > away from this gateway.
: > Mail sending is stuck somewhere and I believe the router redirects the
: > traffic (let say smtp server directly connected) to the server without
: > having any idea to which opened / specific tcp port.
: >
: >
: > :: a. rahman isnaini r. sutan
: >
: >
: >
: > ----- Original Message ----- 
: > From: "Jorge Evangelista" <netsecuredata at gmail.com>
: > To: <cisco-nsp at puck.nether.net>
: > Sent: Saturday, August 18, 2007 4:50 AM
: > Subject: Re: [c-nsp] SMTP Redirection
: >
: >
: > :I have not tried it yet, but I think that you could try something like 
that
: > :
: > : Customers=192.168.10.0/24
: > : SmtpRelay=192.168.20.20
: > :
: > :
: > : !
: > : access-list 100 remark SMTP Redirect of Customers to 
smtp.providername.com
: > : access-list 100 permit tcp 192.168.10.0 0.0.0.255 any eq smtp
: > : !
: > : route-map SMTP-Redirect permit 10
: > : match ip address 100
: > :  set ip next-hop 192.168.20.20
: > : !
: > : interface FastEthernet 0/0
: > : description connected to Internet
: > : ip policy route-map SMTP-Redirect
: > : !
: > : !
: > :
: > :
: > :
: > :
: > : http://www.init7.net/anti-spam/
: > :
: > :
: > :
: > : On 8/17/07, a. rahman isnaini r. sutan <risnaini at speed.net.id> wrote:
: > : > ip nat outside source static tcp o.o.o.o 25 xxx.xxx.xxx.xxx (mail
: > server)
: > : > 25?
: > : > :: a. rahman isnaini r. sutan
: > : >
: > : >
: > : >
: > : > ----- Original Message -----
: > : > From: "Stephen Kratzer" <kratzers at pa.net>
: > : > To: <cisco-nsp at puck.nether.net>
: > : > Cc: "a. rahman isnaini r. sutan" <risnaini at speed.net.id>
: > : > Sent: Friday, August 17, 2007 8:16 PM
: > : > Subject: Re: [c-nsp] SMTP Redirection
: > : >
: > : >
: > : > : On Thursday 16 August 2007 09:31:48 a. rahman isnaini r. sutan 
wrote:
: > : > : > what the config looks like ?
: > : > : > as the mail server is not located / directly connected to the
: > router.
: > : > : >
: > : > : > tx
: > : > : >
: > : > : > :: a. rahman isnaini r. sutan
: > : > :
: > : > :
: > : > : http://www.cisco.com/warp/public/556/12.html#topic8
: > : > :
: > : > :
: > : > : --
: > : > : No virus found in this incoming message.
: > : > : Checked by AVG Free Edition.
: > : > : Version: 7.5.484 / Virus Database: 269.11.19/956 - Release Date:
: > 8/16/2007
: > : > 9:48 AM
: > : > :
: > : > :
: > : >
: > : > _______________________________________________
: > : > cisco-nsp mailing list  cisco-nsp at puck.nether.net
: > : > https://puck.nether.net/mailman/listinfo/cisco-nsp
: > : > archive at http://puck.nether.net/pipermail/cisco-nsp/
: > : >
: > :
: > :
: > : -- 
: > : "The network is the computer"
: > : _______________________________________________
: > : cisco-nsp mailing list  cisco-nsp at puck.nether.net
: > : https://puck.nether.net/mailman/listinfo/cisco-nsp
: > : archive at http://puck.nether.net/pipermail/cisco-nsp/
: > :
: > :
: > : -- 
: > : No virus found in this incoming message.
: > : Checked by AVG Free Edition.
: > : Version: 7.5.484 / Virus Database: 269.11.19/956 - Release Date: 
8/16/2007
: > 9:48 AM
: > :
: > :
: >
: > _______________________________________________
: > cisco-nsp mailing list  cisco-nsp at puck.nether.net
: > https://puck.nether.net/mailman/listinfo/cisco-nsp
: > archive at http://puck.nether.net/pipermail/cisco-nsp/
:
: _______________________________________________
: cisco-nsp mailing list  cisco-nsp at puck.nether.net
: https://puck.nether.net/mailman/listinfo/cisco-nsp
: archive at http://puck.nether.net/pipermail/cisco-nsp/
:
:
: -- 
: No virus found in this incoming message.
: Checked by AVG Free Edition.
: Version: 7.5.484 / Virus Database: 269.11.19/956 - Release Date: 8/16/2007 
9:48 AM
:
: 



More information about the cisco-nsp mailing list