Software602 Home . products . download . support . register . how to buy . . view cart . . . contact us . . . .
Software602 Home . . . . . .
. .
.
.
Software602 Login
E-mail:
Password:
forgot?
.
Support Home .
.
User Forum .
.
Knowledge Base .
.
Submit Ticket .
.
View My Tickets .
.
. .
.
602Pro LAN SUITE 2003 User Forumforum home | rss | search | terms of use
BackBack to 602Pro LAN SUITE 2003 Forum
Add New TopicAdd New Topic
Post ReplyPost Reply
Using 602LanSuite as Email Gateway
  Posted by  Paul Hawkins  on Monday, January 19, 2004 at 5:28:40 PM (EST)
I read in one of the tip archives (sep 03) that LANSuite 2003 could be used as an email gateway.

Seem to be having problems making this work:-

Scenario
I have a couple of domains with MX records pointing to the SMTP server on my LANSuite Email Server. Everything works fine - however, I wanted the LANSuite to now pass email for the two domains to another email server on my network.

As I understand it from the tips pages, I can get LANSuite to forward mail destined for a particular domain to my other email server.

I setup the preset routes, e.g. abc.com ----> 192.168.0.26. What happens is, if the LANSuite doesnot have an account for the particular user (e.g. fred@abc.com) it rejects the message and states that it does not relay or 'no such user'.

If I add an account, the email is accepted, but instead of being delivered to my email server at 192.168.0.26 it is delivered locally to the LANSuite email server.

Has anyone successfully set this email gateway scenario up?

Reason for doing this is that my other email server is Exchange, and I wanted to using AV that comes with LANSuite AVG which is much cheaper than buying an AV solution for Exchange.
  Posted by Robert Smith  on Tuesday, January 20, 2004 at 12:12:16 PM (EST)
Sounds like you checked "relay for 602pro lan suite users only" in the SMTP relay section.

Uncheck it and set up an IP filter. The second part of the instructions in the tips and tricks talks about it.
  Posted by Paul Hawkins  on Tuesday, January 20, 2004 at 4:44:13 PM (EST)
Thank you for your reply. I have implemented your suggestion, and the only way it will work is if I uncheck all SMTP relay options. Obviously this is not workable, as it will allow any spammer to use my mail server as a relay and I will then end up blacklisted as an open relay.

If I implement a rule specifying the IP address of my exchange email server, I then get the message saying 'I do not relay'.

Perhaps I have misunderstood something in the instructions - but to my thinking, adding the IP rule will only work when my Exchange Server sends mail to the LANSuite mail server - e.g. the LANSuite server would normally only relay mail if the person in the From address has an account on the server - by unchecking all relay options and then adding in a permit rule which basically states relay any mail from my exchange server, this is how the LANSuite would allow the relay to happen when the From Address didn't have an account on the LANSuite Server.

If the email is coming in from the internet, going through the LANSuite Server and finally being directed to my Exchange Server, how can I setup a permit rule to allow this relay because the ip address could be any legal public IP address?

If my theory is full of holes, then please can someone point me in the right direction, as I won't take offence at being corrected..
:-)

Thanks again for your reply

Paul
  Posted by Russell Waddington  on Tuesday, January 20, 2004 at 6:38:14 PM (EST)
Found the following int the LS2003 manual:

Private Networks
Routing messages according to the Preset routes settings is available in case you need to send messages for
specific domains to specific computers instead of to the Internet. The Preset routes button is enabled if you
check the Use preset routes check box. After pushing the Preset routes button, the list of preset routes will
appear. Enter the values you need to Mail domain and Destination host fields then click the add button.
You can edit or delete all of the entered values. Simply highlight the appropriate value and push the
Delete/Edit button.


After trying it, I found the presets would not work for email coming from the internet. But email the came from mailboxes defined to LS would follow the presets. What it seems to be good for is sending email between private LANs that have no internet addressing. So you have a LAN in one building and a LAN in a second building, both with LS2003. You can send email between them by defining preset routes to the opposite building that the LS2003 is in.
  Posted by Andy Sharrem  on Tuesday, January 20, 2004 at 8:07:49 PM (EST)
The September Tip is misleading. I aslo understood the preset routes to be an internal thing. The trick / obstacle here is to accept the mail for the other domains without becoming an open relay. Once the mail is accepted I would expect the LS server to forward accordingly.

One possible way may be to use SMTP spooling from your ISP. Then you can define a SMTP Filter to accept mail only from your ISP Spooling SMTP server.
  Posted by Paul Hawkins  on Wednesday, January 21, 2004 at 4:43:20 AM (EST)
Thank you all for your feedback. The general feeling seems to be that the preset routes is only for internal routing and not routing email traffic from external sources (.e.g direct from the internet).

Unfortunately I cannot use the spooling method, as my mail server is setup to be the mail exchange for the domains I am working with - in other words when someone external sends mail to one of my domains, the sending mail server looksup the MX records via DNS for the particular domain and directly sends it to my mail server.

Looks as though I need to rethink my choice of email gateway - unless any TechSupport guys at 602Software knows different!

Paul
  Posted by Robert Smith  on Wednesday, January 21, 2004 at 10:03:11 AM (EST)
I think it works still, I got mine working wihtout any problems.

I set up a domain "mydomain.com". This is my default domain in LAN SUITE. If I want to forward the messages to a machine on the network, I just type in the IP address of the machine on the network (ie: 192.168.1.3) in the second field and the domain (mydomain.com) in the first.

I installed a second copy of LS on the .1.3 machine and set it up to include the domain "mydomain.com" and the messages forward from the first box to the second without any problems.

Regarding the unchecking of the SMTP relay, like I said, set up an IP filter as described in the seconf part of the tip. This will prevent people from relaying in to your mail server and NOT block smtp messages from other servers..it ONLY blocks relaying. If you set it up like the example in the tip, it works great.
  Posted by Ronald Elliott  on Saturday, January 24, 2004 at 11:32:30 PM (EST)
O.K. I've tried this numerous times myself including just minutes ago. The only box I have checked is "IP Filter defines access to SMTP Relay".

Mail coming from the outside world is rejected based on the IP filter even though I have preset routes configured as well.

Here's what my logfile says:
10:10:44 PM SMTP: [2] Rejecting message from rxe2327@hotmail.com for ronell@efe.florissant.mo.us: We do not relay
10:10:44 PM SMTP: [2] (Host doesn't conform to IP Filter settings)

I've tried all of the suggestions listed and agree that you have leave the relay wide open in order to have lansuite act as an incoming gateway, at least to a non-lansuite mail server (exchange in my case). Works fine for outgoing but that doesn't give us the AV or Anti-Spam as an incoming Gateway.

Reading the items in the configuration says to me that what we're trying to do won't work. If "IP Filter defines access to SMTP Relay" and the filter is based on "from host/subnet" what does that leave you with?

I believe what we need is a way to tell LanSuite that it services X, Y, and Z domains in addition to the default and oh by the way, the post office for Z domain is over there. If I'm out to lunch please let me know because I'd really like this to work for me.
  Posted by Paul Hawkins  on Sunday, January 25, 2004 at 9:51:13 AM (EST)
Well thanks for your feedback Ronald - I too have come to the same conclusion as you - as my earlier post indicates.

LS2003 is an excellent product, but it does seem that the top tip in Sept tips & tricks is misleading.

Come on Tech Support guys give us a definative answer as to whether we can do this or not - as it seems that there are a number of us users trying to do the same thing without success!
  Posted by Andy Sharrem  on Tuesday, January 27, 2004 at 10:49:03 PM (EST)
SMTP Spooling may be worthy of investigation...
My Firewall will only accept inbound SMTP connections from the LAN and my ISP SMTP2 (spooling) Server. I have 2 MX records.
MX = 10 mydomain.com
MX = 20 smtp2.isp.com
All mail for my domain will fail (firewall) and go to the next MX. The SMTP2 server will poll my server and relay all spooled messages. The only SMTP IP filters I need are for my internal lan and the ISP's SMTP2.

I am about to play with the order of my MX records so all mail goes to SMTP2 first. We will soon find out if the ISP has a recursion trap.
  Posted by Ronald Elliott  on Wednesday, January 28, 2004 at 5:55:10 PM (EST)
Andy,
Appreciate the thought but I get the impression Paul feels the same way I do. I want to do this within my own resources, leaving the ISP out. I really don't have many problems (knock on wood) with email into my domains but it would make sense to add the layer of vigilence that Lansuite provides, if it worked as we were led to believe by the posted tip.

Thanks for your suggestion and I hope it proves useful to some of us out here trying to make life easier.
BackBack to 602Pro LAN SUITE 2003 Forum
Add New TopicAdd New Topic
Post ReplyPost Reply
.
. . .
.
  © 2009 Software602, Inc. All rights reserved.