Exim4, redirect SMTP traffic to 465 to smarthost
Submitted by punkytse on October 16, 2007 - 14:34.
I will soon be moving home, and the new ISP may not allow me to send SMTP traffic without using the authorized SMTP gateway. Luckily, I use a smarthost located offshore to relay SMTP traffic, and I have root access to the box running the smarthost.
There are two steps to set up on the smarthost and my local SMTP gateway:
- 1. Set up smarthost to listen to both SMTP and port 465
- 2. Set up iptables DNAT in local box to map SMTP port to 465
I skip how to relay SMTP traffic from the local box to the smarthost; I may write another blog article about it.
1. Listen to port 465 in smarthost
In smarthost, according to /usr/share/doc/exim4-base/README.Debian.gz section 2.2, I turn on TLS:
    MAIN_TLS_ENABLE=1
in /etc/exim4/exim4.conf.template and set:
    SMTPLISTENEROPTIONS='-oX 465:25 -oP /var/run/exim4/exim.pid'
in /etc/default/exim4. Then run:
    /usr/share/doc/exim4-base/examples/exim-gencert
to generate the certificate and key for TLS. Please note that some of the above steps may not be required. But anyway, I follow the instructions to save time later for troubleshooting. After that I restart exim:
    /etc/init.d/exim4 restart
Running netstat, you should see that both smtp and ssmtp (465) are now listening:
    smarthost # netstat -l|grep smtp
    tcp 0 0 voyage.voyage.hk:ssmtp *:* LISTEN
    tcp 0 0 voyage.voyage.hk:smtp *:* LISTEN
2. Set up iptables DNAT in local box to map SMTP port to 465
Next, it is required to set up iptables to map outbound SMTP traffic to port 465. After a few trials, I found the following DNAT target works:
    iptables -t nat -A OUTPUT -p tcp --dport 25 -j DNAT --to-destination :465
This will forward all outbound SMTP traffic to port 465. To verify, try the following command on the local SMTP gateway to test the connection to the smarthost:
    localbox # telnet [smarthost] 25
    Trying [smarthost IP]...
    Connected to [smarthost].
    Escape character is '^]'.
    220 voyage.voyage.hk ESMTP Exim 4.63 Tue, 16 Oct 2007 16:23:40 +0930
While the telnet session is connected to the smarthost, you can verify on the smarthost which port localbox is connected to:
    smarthost # netstat -a|grep smtp
    tcp 0 0 voyage.voyage.hk:ssmtp *:* LISTEN
    tcp 0 0 voyage.voyage.hk:smtp *:* LISTEN
    tcp 0 0 voyage.voyage.hk:ssmtp [localbox ip]:36676 ESTABLISHED
You can see localbox connects to smarthost using ssmtp (port 465). We are done!
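An added example, not part of the original post: the DNAT rule above rewrites every locally generated connection to port 25, whatever the destination, so the script below audits `iptables-save -t nat` output for such rules and prints a variant limited to one host with `-d`. The address 192.0.2.10, the function names and the sample ruleset are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the nat table for the port 25 -> 465 rewrite and
# flag rules that are not limited to a single destination host.

# Constructed `iptables-save -t nat` output. 192.0.2.10 is a placeholder
# (assumption) standing in for the smarthost address.
SAMPLE_RULES='*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A OUTPUT -p tcp -m tcp --dport 25 -j DNAT --to-destination :465
-A OUTPUT -d 192.0.2.10/32 -p tcp -m tcp --dport 25 -j DNAT --to-destination :465
COMMIT'

# audit_smtp_dnat: read iptables-save text on stdin and print one line per
# OUTPUT-chain DNAT rule that matches --dport 25:
#   BROAD  any    <target>   rewrites port 25 towards every host
#   SCOPED <dest> <target>   limited to one destination with -d
audit_smtp_dnat() {
    awk '
    $1 == "-A" && $2 == "OUTPUT" {
        dport = ""; dest = "any"; jump = ""; to = ""
        for (i = 3; i <= NF; i++) {
            if ($i == "--dport") dport = $(i + 1)
            else if ($i == "-d") dest = $(i + 1)
            else if ($i == "-j") jump = $(i + 1)
            else if ($i == "--to-destination") to = $(i + 1)
        }
        if (dport == "25" && jump == "DNAT") {
            scope = (dest == "any") ? "BROAD" : "SCOPED"
            print scope, dest, to
        }
    }'
}

# scoped_rule: print (not run) the DNAT command restricted to one address.
scoped_rule() {
    printf 'iptables -t nat -A OUTPUT -d %s -p tcp --dport 25 -j DNAT --to-destination :465\n' "$1"
}

# Demo on the constructed ruleset; on a real box pipe `iptables-save -t nat`.
printf '%s\n' "$SAMPLE_RULES" | audit_smtp_dnat
scoped_rule 192.0.2.10
```

A BROAD line means connections to port 25 on hosts other than the smarthost are also sent to port 465, where they fail unless that host listens there.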


