On 11-Feb-02 Jonathan McDowell wrote:
> On Mon, Feb 11, 2002 at 12:41:47PM -0000, D wrote:
>> No sorry, I think you're missing the point.
>> I want to FORCE users/servers on the network to redirect outgoing data sent on port 25 to another server (Internal mail server).
>> Not incoming mail.
> Something like:
> ipchains -A input --protocol tcp --dport 25 --jump REDIRECT 25
> might do the trick then. Possibly might get confused with it both being port 25, so either running the MTA on the gateway on a different port or adding an exclusion for the gateway IP to the ipchains rule might help.
Since it is outgoing mail that is being redirected, that should read '-A output' not '-A input'.
However, it still won't work because the 'new' server will probably refuse the relay (it has its own anti-spam measures), and the sending process will be mighty confused because it thinks that it is talking to some other machine, not to one of your internal servers.
What you have to do is to redirect all outbound traffic directed at a foreign port 25 to a local socket on which you have a process listening and logging traffic. This process must then forward the traffic to its proper destination. Sounds mighty like 'socks' to me. RTFM.
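
The listening, logging and forwarding process described in the last paragraph, as an added example that is not code from this thread: a relay that accepts the redirected port-25 connections, records each client's SMTP envelope commands, and passes the bytes on to one fixed upstream mail server. The addresses, ports and function names are assumptions; recovering each connection's original destination is platform-specific and not shown.

```python
import contextlib
import socket
import threading

# Envelope verbs to audit. No DATA-state tracking: a body line that starts
# with one of these is logged too.
VERBS = ("HELO", "EHLO", "MAIL FROM:", "RCPT TO:")

def pump(src, dst, on_line=None):
    """Copy src -> dst until EOF, handing complete CRLF lines to on_line."""
    buf = b""
    with contextlib.suppress(OSError):  # either side may reset the connection
        while data := src.recv(4096):
            if on_line:
                *lines, buf = (buf + data).split(b"\r\n")
                buf = buf[-1000:]  # bound memory if a peer never sends CRLF
                for line in lines:
                    on_line(line.decode("ascii", "replace").strip())
            dst.sendall(data)
    with contextlib.suppress(OSError):
        dst.shutdown(socket.SHUT_WR)  # pass the EOF along

def handle(client, peer, upstream, log):
    """Relay one redirected SMTP session and record its envelope commands."""
    def audit(line):
        if line.upper().startswith(VERBS):
            log.append((peer[0], line))
            print(peer[0], line)
    with client, socket.create_connection(upstream, timeout=30) as server:
        server.settimeout(None)  # the timeout applies to the connect only
        back = threading.Thread(target=pump, args=(server, client), daemon=True)
        back.start()
        pump(client, server, audit)
        back.join()

def serve(listen, upstream, log):
    """Start the relay in the background; return the address it bound."""
    srv = socket.create_server(listen)
    def accept_loop():
        while True:
            client, peer = srv.accept()
            threading.Thread(target=handle, args=(client, peer, upstream, log),
                             daemon=True).start()
    threading.Thread(target=accept_loop, daemon=True).start()
    return srv.getsockname()

if __name__ == "__main__":
    # Assumed addresses: relay on 127.0.0.1:2525, internal MTA at 192.0.2.10:25.
    serve(("127.0.0.1", 2525), ("192.0.2.10", 25), [])
    threading.Event().wait()  # run until interrupted
```

The upstream server sees every session as coming from the relay's address, so it has to be configured to accept relaying from that host.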