This is the automated ALUG IRC meeting reminder sent to remind you that there is an IRC meeting tonight (Monday) at 8.00pm. The meeting takes place on the irc server irc.openprojects.net in the #alug channel, you can take a look at www.openprojects.net to get more info on the openprojects network. Most IRC clients should allow you to get there with the commands "/server uk.openprojects.net" or "/server eu.openprojects.net" and "/join #alug". Popular IRC clients include tkirc, bitchx, xchat and EPIC on Unix, and Mirc under windows. Here are some links to help you get started with irc. Unix http://www.xchat.org/ http://freshmeat.net/ http://www.epicsol.org/ Windows http://www.mirc.com (loads of help with irc for newbies!)
Hi I want to redirect all mail sent via my Linux network to out main mail server so I can monitor for spamming etc.. and large quantities of mail. I figure it will probably be something using ipchains at the gateway machine. Any ideas? Thanks D
On Mon, 11 Feb 2002 12:31:46 -0000 D wrote:
I want to redirect all mail sent via my Linux network to out main mail server so I can monitor for spamming etc.. and large quantities of mail.
I figure it will probably be something using ipchains at the gateway machine. Any ideas?
Change the MX record for your linux network to point to the main mail server, or use .forward files, or change the set-up of your MTA to redirect to the main mailserver? Ipchains is used for dealing with packets of data, not mail. Regards, Martyn -- http://www.drake.me.uk http://www.martyn-drake.tv http://www.alug.org.uk
On Mon, 11 Feb 2002 12:31:46 -0000 D wrote:
I want to redirect all mail sent via my Linux network to out main mail server so I can monitor for spamming etc.. and large quantities of mail.
I figure it will probably be something using ipchains at the gateway machine. Any ideas?
Change the MX record for your linux network to point to the main mail server, or use .forward files, or change the set-up of your MTA to redirect to the main mailserver?
Ipchains is used for dealing with packets of data, not mail.
No sorry I think your missing the point. I want to FORCE users/servers on the network to redirect outgoing data sent on port 25 to another server (Internal mail server) Not incoming mail Thanks D
On Mon, Feb 11, 2002 at 12:41:47PM -0000, D wrote:
No sorry I think your missing the point.
I want to FORCE users/servers on the network to redirect outgoing data sent on port 25 to another server (Internal mail server)
Not incoming mail
Something like: ipchains -A input --protocol tcp --dport 25 --jump REDIRECT 25 might do the trick then. Possibly might get confused with it both being port 25, so either running the MTA on the gateway on a different port or adding an exclusion for the gateway IP to the ipchains rule might help. J. -- /------------------------------------\ | Are you happy with your wash? | | http://www.blackcatnetworks.co.uk/ | \------------------------------------/
On Mon, 11 Feb 2002 12:41:47 -0000 D wrote:
No sorry I think your missing the point.
I want to FORCE users/servers on the network to redirect outgoing data sent on port 25 to another server (Internal mail server)
Not incoming mail
I'd still say that it's a messy and unecessarily complicated way of doing things. What I would tend to do is to tell the SMTP server on your network to forward all outgoing requests to the main mail server. What are you running as the MTA? Regards, Martyn -- http://www.drake.me.uk http://www.martyn-drake.tv http://www.alug.org.uk
I want to FORCE users/servers on the network to redirect outgoing data sent on port 25 to another server (Internal mail server)
Not incoming mail
I'd still say that it's a messy and unecessarily complicated way of doing things. What I would tend to do is to tell the SMTP server on your network to forward all outgoing requests to the main mail server. What are you running as the MTA?
You can't when they are customer machines and customers using CGI's,php etc... it needs to be transparent to the network otherwise it would be a simple process Thanks D
On Mon, 11 Feb 2002 12:50:33 -0000 D wrote:
I want to FORCE users/servers on the network to redirect outgoing data sent on port 25 to another server (Internal mail server)
Not incoming mail
I'd still say that it's a messy and unecessarily complicated way of doing things. What I would tend to do is to tell the SMTP server on your network to forward all outgoing requests to the main mail server. What are you running as the MTA?
You can't when they are customer machines and customers using CGI's,php etc... it needs to be transparent to the network otherwise it would be a simple process
Understood now - I misunderstood you completely. I'm having a bad afternoon - please ignore me :) Regards, Mr. Plonker Drake -- http://www.drake.me.uk http://www.martyn-drake.tv http://www.alug.org.uk
On 11-Feb-02 Jonathan McDowell wrote:
On Mon, Feb 11, 2002 at 12:41:47PM -0000, D wrote:
No sorry I think your missing the point.
I want to FORCE users/servers on the network to redirect outgoing data sent on port 25 to another server (Internal mail server)
Not incoming mail
Something like:
ipchains -A input --protocol tcp --dport 25 --jump REDIRECT 25
might do the trick then. Possibly might get confused with it both being port 25, so either running the MTA on the gateway on a different port or adding an exclusion for the gateway IP to the ipchains rule might help.
Since it is outgoing mail that is being redirected, that should read '-A output' not '-A input'. However, it still won't work because the 'new' server will probably refuse the relay (it has its own anti-spam measures), and the sending process will be mighty confused because it thinks that it is talking to some other machine, not to one of your internal servers. What you have to do is to redirect all outbound traffic directed at a foreign port 25 to a local socket on which you have a process listening and logging traffic. This process must then forward the traffic to its proper destination. Sounds mighty like 'socks' to me. RTFM. -- Playing 'bop' is like Scrabble with all the vowels missing. Duke Ellington Raphael Mankin E-Mail: raph@panache.demon.co.uk ----------------------------------
On Mon, Feb 11, 2002 at 06:17:02PM -0000, Raphael Mankin wrote:
On 11-Feb-02 Jonathan McDowell wrote:
On Mon, Feb 11, 2002 at 12:41:47PM -0000, D wrote:
No sorry I think your missing the point.
I want to FORCE users/servers on the network to redirect outgoing data sent on port 25 to another server (Internal mail server)
Not incoming mail
Something like:
ipchains -A input --protocol tcp --dport 25 --jump REDIRECT 25
might do the trick then. Possibly might get confused with it both being port 25, so either running the MTA on the gateway on a different port or adding an exclusion for the gateway IP to the ipchains rule might help.
Since it is outgoing mail that is being redirected, that should read '-A output' not '-A input'.
Not that I really care, but I was assuming the redirection was being done on the gateway machine for machines on the network, in which case the packets *do* hit the INPUT chain as they come into the gateway from the internal interface.
However, it still won't work because the 'new' server will probably refuse the relay (it has its own anti-spam measures), and the sending process will be mighty confused because it thinks that it is talking to some other machine, not to one of your internal servers.
Freeserve manage it. Given that it's just SMTP you'll probably find most things don't care; I doubt anything standard checks the SMTP greeting which is going to be the only thing that's easily noticable. You're presumably redirecting to a machine that expects to relay for the network anyway, so that bit isn't a problem either. It'll Just Work, unless you throw something like SMTP AUTH or some other server specific extension into the mix, which very few clients do. J. -- Computing is like sex because... When you do it professionally it's not as much fun.
participants (6)
-
D -
Jonathan McDowell -
Martyn Drake -
Martyn Drake -
Neill Newman -
Raphael Mankin