RE: [fw-wiz] Allowing relay through Watchguard Firebox 1000

From: Frederick M Avolio (fred_at_avolio.com)
Date: 02/21/04

  • Next message: Karl D. Mueller: "RE: [fw-wiz] Allowing relay through Watchguard Firebox 1000" 
    To: "Karl D. Mueller" <karlm@acshelp.com>, "Bob Alberti" <alberti@sanction.net>
Date: Sat, 21 Feb 2004 15:51:12 -0500

    At 03:40 PM 2/21/2004 -0500, Karl D. Mueller wrote:
    >My suggestion is to remove the SMTP proxy alltogether from the
    >watchguard, and just setup a port forward (1-to-1 NAT in
    >watchguard-speak) directly to your server.

    Ahhhrrrggggg.

    <sarcasm>
    You *will* find things are much faster without all those nasty firewall
    rules getting in the way.
    </sarcasm>

    I was impressed that some people were actually using the SMTP proxy rather
    than just dynamic packet filtering on the Firebox. Take it out of the way?
    No, debug it, dammit. It is possible (as the poor gent with the Exchange
    server asked) that it is the inside server that's complaining. Look at the
    Firebox logs and the e-mail server logs. SMTP relays are funny things...
    they reject mail themselves and the reject mail if the server to which they
    tried to connect rejects the transaction.

    I was so enamored with the Firebox SMTP Proxy, I wrote a column for them (a
    few years ago when I was on their advisory board). It is dated, but I do
    make a case for it. (http://www.avolio.com/columns/smtp_proxy.html.)

    I suspect sometimes that I am the oldest person on this list...

    f

    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

  • Next message: Karl D. Mueller: "RE: [fw-wiz] Allowing relay through Watchguard Firebox 1000"

    Relevant Pages

    • Re: Help setting up ASSP with Exchange
      ... spam filter. ... "The Anti-Spam SMTP Proxy Server project is an open source ...
      (microsoft.public.windows.server.sbs)
    • RE: [fw-wiz] Allowing relay through Watchguard Firebox 1000
      ... If he removes the SMTP proxy, ... cease, then focus on troubleshooting the firebox, if not it's probably ... >watchguard-speak) directly to your server. ... than just dynamic packet filtering on the Firebox. ...
      (Firewall-Wizards)
    • RE: [fw-wiz] Allowing relay through Watchguard Firebox 1000
      ... back-end email server. ... My suggestion is to remove the SMTP proxy alltogether from the ... > relay mail from their cell phones outside the domain (i.e. to ... They're sending mail from their cell phones, ...
      (Firewall-Wizards)
    • RE: [fw-wiz] Cannot send mail
      ... Watchguard throws out that error when an email address is denied by the SMTP ... Check out the properties of the SMTP proxy: in the Watchguard firebox ... I have just finished building and installing an email server for our ...
      (Firewall-Wizards)
    • Firebox X500 Authentication
      ... Windows 2003 Server connected to a Firebox X500 Firewall ... MySQL database on their their individual laptops. ... provided it the IP address for our network, ...
      (comp.security.firewalls)