Re: [fw-wiz] Allowing relay through Watchguard Firebox 1000
From: Patrick M. Hausen (hausen_at_punkt.de)
To: Bob Alberti <email@example.com> Date: Mon, 23 Feb 2004 09:35:10 +0100 (CET)
> That's actually fine -- normally they don't WANT relaying of course -- but I
> have been unsuccessful in my attempts to tell the firebox "It's okay to
> relay from this domain or this set of IP addresses."
Of course Fred Avolio's last statement on the subject really
gets to the heart of the matter: first define your policy, then
check if the desired application is in compliance with it.
But there should be a quick technical solution, if I understand
your setup correctly - you already run an internal mail server
that is protected by the firewall, right?
Why not have the cellphone users use the mail server as a smarthost
if they are "internal" to your network? If they are "external", i.e.
connected to an arbitrary ISP, they should use that ISP's mail
server for relaying anyway.
Patrick M. Hausen
Leiter Netzwerke und Sicherheit
-- punkt.de GmbH Internet - Dienstleistungen - Beratung Vorholzstr. 25 Tel. 0721 9109 -0 Fax: -100 76137 Karlsruhe http://punkt.de _______________________________________________ firewall-wizards mailing list firstname.lastname@example.org http://honor.icsalabs.com/mailman/listinfo/firewall-wizards