Raptor Firewall

[Whoheard]

I am using Raptor 6.0 and have recently stopped receiving email. I checked to verify that all rules are still in place--ok.

I have had to add a rule to the firewall that allows smtp traffic, port 25, directly to the email server to get the mail flowing again. My question is, since I had the firewall acting as the public IP, and redirecting the traffic to the email server, why would I need to add a rule that allows external SMTP to the email server?

Yes, I know there are other ways of doing this, but the customer wants it set this way.

bob

I know what I know and that's all I know.

 

[pansophic]

I don't recall ever having to do this. Raptor is a Proxying Firewall, and has an SMTP proxy built in. You should have to enable the proxy, but if you have a rule in place, I believe that it bypasses the proxy server entirely, which is bad in terms of vulnerabilities. It is far more likely that the mail server behind the proxy will have a vulnerability than it is that the proxy will have one.

When you telnet to the mail server from outside, do you get the mailserver's banner, or the firewall's?


pansophic

 

[Whoheard]

I found the documentation for the software, and it states that I should have a rule for a redirected service. I did not think this was necessary because I figured the redirect service would automatically create a rule based on the properties if the configured service. This appears not to be the case.

Thanks for your help.

bob

I know what I know and that's all I know.