Topic: SME 5.6 filter mail for exchange.

[SSBN]

Is this at all possible. I would like to set an sme box up before my exchange server. I would like to have the SME box receive the email pass it through spam filters and then forward it to the proper users in exchange. Can this be accomplished and if so have any of you tried it. If so can you give me sum info how you did it.

[Klaus Eckert]

there is already a thread about this topic.

have a look at the tread "group email address" in this part of the forum.

cheers klaus

[Gary]

Why dont you just buy Mail Essentials for Exchange and keep it all on the same box?

[Schotty]

Most probably because he like many other companys are looking for ways to get rid of exchange? I know 2 companys who are getting rid of it...

[ryan]

ssbn,

I have been filtering exchange mail with SME for 7 months now.  Simply change your mx record to point to your SME server (which must be the same domain as exchange) and set your delgate email server IP address in server manager.

Looking at the logs, I get over 1000 blocked spams per day.  About a dozen or so get though every day, so the filter rate is very good.  If you have a backup mx server, you will have to set up an sme to protect it as well, as many spammers simply send email to the backup mx server knowing it is less likely to be protected.  

My exchange had just a host record (not mx) on the internet for pop3 clients to access and the damn spammers found it and started sending spam to the host record IP instead of the mx record for my domain.  They really want you to get your daily spam!  No more internet IP address for my exchange....pop3 is now portforwarded from SME.  

ryan

[Tim Litwiller]

Ryan, Tell us more about your setup.   How do you have spamassassin or what ever you use setup to scan before it delivers thru the the internal server?

[ryan]

I installed e-smith-mailfront-1.0.0-02rbl.noarch.rpm.  Search for it and you should be able to download it.  

This installs a modified version of mailfront that allows you to list the rbl blacklists you want to use in /service/~smtpfront-qmail/rblsmtpd.conf.  I would read up on the use of rblsmtpd for the correct syntax.  This is an easy task compaired to doing this on a 5.1.2 server.

If you can't find the rpm, let me know and I will post my ftp site.

ryan

[Tim Litwiller]

ok,  that is one of the first things I install on a new sme setup.  But most places still need spamassassin to catch all/97%+ the spam and I have been looking for a way to process it globally without having a .procmail file for each user so this customer can continue to use thier exchange server they like so well.

[SSBN]

So Ryan all I have t do is install sme5.6 all updates, spamassison and e-smith-mailfront-1.0.0-02rbl.noarch.rpm. Then set my firewall to forward incoming email ports to my sme then set the sme to delegate email to the ip of my exchange. I then set spamassison to add spam to the header of all spam. I have don all this except add the mailfrot rpm and it isn’t picking up any spam. Do I just have to add the mailfront rpm to get this working or is there more I have to do.

[Tim Litwiller]

no, that won't do it.

at www.pagefault.org there are instructions for setting up amavis-ng and clamav to scan email for virus  follow those instructions - then replace when you have that working.

copy /usr/bin/qmail-queue.amavis to /usr/bin/qmail-queue.amavis.orig
make a new file /usr/bin/qmail-queue.amavis with

#!/bin/sh
spamc | /usr/bin/qmail-queue.amavis.orig

give it the same permissions and user and group as /usr/bin/qmail-queue.amavis.orig

then it runs thru spamassassin and the virus scanner before forwarding on to the next server.

the downside of this is now we have no logging of what spamassassin did to make our statistics page from.

[ryan]

ssbn,

Mailfront with rbl support requires that you edit the \service\smtpfront-qmail.  This is where you add blacklists.  Do a search on google for the mailfront site which gives examples of how to use this file.  

Understand you can't mix mailfront /rbl and any program that "processes" email for spam on the server.  All emails that get blocked by the rblsmtpd deamon will not get passed to qmail.  Besides, if you are forwarding email to a delegate server, this might impact how qmail processes email (which may affect spamassason)   All email that gets through the rblsmtpd deamon will be forwarded.  No user accounts need to exist on the SME server.

Hope that helps.

ryan

[SSBN]

Tim Litwill will you setup let me use spamassassin option of adding spam to the header of the email so the clients using outlook can set up a rule to move email with spam in the header to a junk folder.

Ryan are you elaborating on Tim's setup or is that a different way of doing it.

Thanks for all the help you guys.

[Tim Litwiller]

SSBN:    Like Ryan says - the rblsmtp blocks email from getting into your server so you can't process those messages - think of it as a very high score in spamassassin - that gets dropped rather than processed.

Thoe messages that get passed the rblsmtp could still be processed by spamassassin - the only two things different in the way I mentioned other than the procmail local delivery is:
1 spamassassin doesn't know who the recipient is
2 no logging of the processes happens.


Your question of the header,  you still use the same spamassassin configuration files in /etc/mail/spamassassin/ so the same setting still apply.

[SSBN]

Ok I am starting to understand. Thanks Tim and ryan for taking the time to explain it to me. I am still new all things considered to modifying Linux. I will give all this try and se how it works.

My only concern is will I be able to have any type of white list. From what you tell me no I can’t because the black list drops the email before it hit’s spam assassin. So if I wanted to allow email from hotmail I would be out of luck if I do it this way correct.

Second from what I understand email that is dropped because it is on a black list is gone. So there is no way to have it sent to a junk email folder or anything like that.

Thanks for taking the time to answer my questions.

[ryan]

ssbn,

I right now I am using 9 blacklists (2 of those just block all email from china & korea).  The other 7 don't block anything from hotmail or yahoo.  You must add the blacklists of your choice to the /service/smptfront-qmail file.  You can go with extremely aggressive lists, or not so aggressive.  You must do your research to pick the right blacklists for your situation.  I have had to remove an extreme list due to earthlink servers getting listed.  

A note.....I was using spews.orsirusoft.com blacklist...it is very effective, but recently osirusoft was Dos attacked...very bad attack.  It took the osirusoft domain completely offline.  They are getting healed, but you might do some dns / nslookup testing to verify the response times.  When they where under attack, my mail servers "paused" a long time trying to check each message against osiruosft.  This pause caused many email servers sending email to give up and time out on the delivery.  I guess osirusoft was effective if someone wanted to hurt them bad.    Techically this could happen to other blacklist domains.

good luck

ryan

[Tim Litwiller]

Yes, those emails coming from places that are black listed will get dropped but - the rest of the junk email gets scored by spamassassin and you can use spamassassins white and black lists to make sure that those emails get correctly marked  ( some uce comes from valid places)
or some organizations especially with internet sales aren't willing to block so agresively with rblsmtp.  Like Ryan says some rbls will be to aggresive - some are very specific to areas etc....

[SSBN]

Ok here is what i have so far. Fresh install of SME 5.6 all updates
installed
spam ass.rpm
e-smith-mailfront-1.0.0-02rbl.noarch.rpm
clamav.rpm
 
I then folowed the how-to on how to set up clamav and all went well.

Here is where i gut stuck.

("copy /usr/bin/qmail-queue.amavis to /usr/bin/qmail-queue.amavis.orig          )
(make a new file /usr/bin/qmail-queue.amavis with                                        )
(                                                                                                               )
(  #!/bin/sh                                                                                                 )
( spamc | /usr/bin/qmail-queue.amavis.orig                                                   )
(                                                                                                               )
(give it the same permissions and user and group as /usr/bin/qmail-               )(queue.amavis.orig                                                                                     )
(                                                                                                               )
(then it runs thru spamassassin and the virus scanner before forwarding on to )(the  next server.                                                                                        )

I cant find the files in /usr/bin
did i miss somthing to install

Thanks

[Tim Litwiller]

yep, you forgot amavis
http://www.pagefault.org/howto/amavis_clam.shtml

[SSBN]

I did install it. Did the how to as well. It all seamed to work. But i still cant find the files. Am i looking in the proper place. I did a find qmail-queue.amavis  and it didn't find it. Could it be under another name.

any idea where i went wrong.

[SSBN]

hahaha i didn't finish it. Just did the firs part. I should go to bed.

Thanks

[SSBN]

SME 5.6 Exchange front end.

In my quest to getting my sme server to filter spam for my exchange server here is whit I have bin told to do. I haven’t bin able to get it working yet but I think I know where I went wrong. But could Tim Litwiller and Ryan fill in the blanks for me.

1: First set up a SME 5.6 server with all the updates as per the updates how to.

2: Download and move to an i-bay e-smith-mailfront-1.0.0-02rbl.noarch.rpm

Log into the shell and navigate to the dir with mailfront.
Type in rpm –Uvh e-smith-mailfront-1.0.0-02rbl.noarch.rpm
Restart the server (I am not sour if this is exactly how it should be installed. Can you guys confirm?)

3: You can now go to the /service/~smtpfront-qmail/rblsmtpd.conf. and add black lists of your choice. Any blacklisted email will be dropped and lost.

(Just wondering is there anywhere in these steps an signal-event post-update should be run)

4: Next go to other email options and set the delegate email server to the ip of your exchange server.

Blacklisted email will now be dropped based on the blacklists you pick.


Going a bit further.

From whit I understand you can take this a step further and use spam assassin with this setup.
(Do I need to have install the modified mailfront for this to work?)

1:Go to at www.pagefault.org there are instructions for setting up amavis-ng and clamav to scan email for virus follow those instructions - then replace when you have that working
copy /usr/bin/qmail-queue.amavis to /usr/bin/qmail-queue.amavis.orig
make a new file /usr/bin/qmail-queue.amavis with

#!/bin/sh
spamc | /usr/bin/qmail-queue.amavis.orig
(I am not sour what this is doing. Could you explain in more detail? I am not real good with Linux commands yet)
give it the same permissions and user and group as /usr/bin/qmail-queue.amavis.orig

2:Now you should be able to use the features of spam assassin.

Can you guys take a look at this and correct me where I am wrong or way off. Thanks for all your time.

[Tim Litwiller]

SSBN wrote:
>
> SME 5.6 Exchange front end.
>
> In my quest to getting my sme server to filter spam for my
> exchange server here is whit I have bin told to do. I haven’t
> bin able to get it working yet but I think I know where I
> went wrong. But could Tim Litwiller and Ryan fill in the
> blanks for me.
>
> 1: First set up a SME 5.6 server with all the updates as per
> the updates how to.
>
> 2: Download and move to an i-bay
> e-smith-mailfront-1.0.0-02rbl.noarch.rpm
>
> Log into the shell and navigate to the dir with mailfront.
> Type in rpm –Uvh e-smith-mailfront-1.0.0-02rbl.noarch.rpm
> Restart the server (I am not sour if this is exactly how it
> should be installed. Can you guys confirm?)
>
> 3: You can now go to the
> /service/~smtpfront-qmail/rblsmtpd.conf. and add black lists
> of your choice. Any blacklisted email will be dropped and lost.
>

Should be ok - I only use spamcops blacklist

> (Just wondering is there anywhere in these steps an
> signal-event post-update should be run)
>
I don't remember

> 4: Next go to other email options and set the delegate email
> server to the ip of your exchange server.
>
> Blacklisted email will now be dropped based on the blacklists
> you pick.
>
>

Yes, that should take care of the worst of the spam

> Going a bit further.
>
> From whit I understand you can take this a step further and
> use spam assassin with this setup.
> (Do I need to have install the modified mailfront for this to
> work?)
>
Did you install the spamassassin listed at contribs.org?

> 1:Go to at www.pagefault.org there are instructions for
> setting up amavis-ng and clamav to scan email for virus
> follow those instructions - then replace when you have that
> working
> copy /usr/bin/qmail-queue.amavis to
> /usr/bin/qmail-queue.amavis.orig
> make a new file /usr/bin/qmail-queue.amavis with
>

amavis replaces the origianl qmail-queue with it's own perl script that scans for virus and then passes the mail thru to the original qmail-queue - here we add another layer that scans for spam and then passes to amavis who them scns for virus and passes back to original qmail-queue


> #!/bin/sh
> spamc | /usr/bin/qmail-queue.amavis.orig

also chmod u+x  /usr/bin/qmail-queue.amavis to make it executable


> (I am not sure what this is doing. Could you explain in more
> detail? I am not real good with Linux commands yet)
> give it the same permissions and user and group as
> /usr/bin/qmail-queue.amavis.orig
>
> 2:Now you should be able to use the features of spam assassin.
>
> Can you guys take a look at this and correct me where I am
> wrong or way off. Thanks for all your time.

[ryan]

Tim Litwiller wrote:
>
> SSBN wrote:
> >
> > SME 5.6 Exchange front end.
> >
> > In my quest to getting my sme server to filter spam for my
> > exchange server here is whit I have bin told to do. I haven’t
> > bin able to get it working yet but I think I know where I
> > went wrong. But could Tim Litwiller and Ryan fill in the
> > blanks for me.
> >
> > 1: First set up a SME 5.6 server with all the updates as per
> > the updates how to.
> >
> > 2: Download and move to an i-bay
> > e-smith-mailfront-1.0.0-02rbl.noarch.rpm
> >
> > Log into the shell and navigate to the dir with mailfront.
> > Type in rpm –Uvh e-smith-mailfront-1.0.0-02rbl.noarch.rpm
> > Restart the server (I am not sour if this is exactly how it
> > should be installed. Can you guys confirm?)
> >
> > 3: You can now go to the
> > /service/~smtpfront-qmail/rblsmtpd.conf. and add black lists
> > of your choice. Any blacklisted email will be dropped and
> lost.
> >
>
> Should be ok - I only use spamcops blacklist
>
> > (Just wondering is there anywhere in these steps an
> > signal-event post-update should be run)
> >

> I don't remember
ryan:  no restart or reboot necessary, changes are immediate.
>
> > 4: Next go to other email options and set the delegate email
> > server to the ip of your exchange server.
> >
> > Blacklisted email will now be dropped based on the blacklists
> > you pick.
> >
> >
>
> Yes, that should take care of the worst of the spam
ryan: SME domain must be exact domain for internet mail service on exchange.
>
> > Going a bit further.
> >
> > From whit I understand you can take this a step further and
> > use spam assassin with this setup.
> > (Do I need to have install the modified mailfront for this to
> > work?)
> >
> Did you install the spamassassin listed at contribs.org?
ryan:  spamassassin will be bored with very little to do if your blacklists are working.  KISS:  keep it simple stupid is the rule I follow.  Try the blacklists, use spamassassin only if you need it.
>
> > 1:Go to at www.pagefault.org there are instructions for
> > setting up amavis-ng and clamav to scan email for virus
> > follow those instructions - then replace when you have that
> > working
> > copy /usr/bin/qmail-queue.amavis to
> > /usr/bin/qmail-queue.amavis.orig
> > make a new file /usr/bin/qmail-queue.amavis with
> >
>
> amavis replaces the origianl qmail-queue with it's own perl
> script that scans for virus and then passes the mail thru to
> the original qmail-queue - here we add another layer that
> scans for spam and then passes to amavis who them scns for
> virus and passes back to original qmail-queue
>
>
> > #!/bin/sh
> > spamc | /usr/bin/qmail-queue.amavis.orig
>
> also chmod u+x  /usr/bin/qmail-queue.amavis to make it
> executable
ryan:  never used antivirus on linux...using mcafee on exchange server and all clients.
>
>
> > (I am not sure what this is doing. Could you explain in more
> > detail? I am not real good with Linux commands yet)
> > give it the same permissions and user and group as
> > /usr/bin/qmail-queue.amavis.orig
> >
ryan:  you can only practice.  practice on a test box.  have likely had to start over on a test box dozens of times...crashing/breaking it is a learning experience.  Fixing it is an even better learning experience.

> > 2:Now you should be able to use the features of spam
> assassin.
> >
> > Can you guys take a look at this and correct me where I am
> > wrong or way off. Thanks for all your time.

ryan:  right now I use 7 blacklists plus 3 non traditional that block subnets from china, korea, and hongkong.  

You can verify your blacklists are working by viewing the log in server manager.  Look at "smptfront-qmail/current".  The lines with 'rblsmtpd' are blocked messages.  This will show you emails that got in and those that got blocked.  I tend to use a key word 'rblsmtpd' to filter and show just the blocked emails.  

Keep in mind if you have a backup mx DNS record, spammers will try your backup server.  If it is not spam protected, you will get the spam.  Also, don't have your exchange server on the internet as a host address....spammers hit me once through a host record, not an MX record.  They are clever and persistent!  

If you need to access exchange from the internet for pop or imap, use portforwarding from a firewall.  If you use full exchange 5.5 services (global book, shared calendar, etc) over the internet, a firewall will kill these services.   Exchange server 2003 has full exchange services available through port 80, but you need to use the Outlook 2003 client for it to work.  Exch. 2000 can use full services with portforwarding if you open several ports.  I read that the new Exch 2003 server allows the use of blacklists, so SME won't need to guard it...but remember it is microsoft and a risk to be left on the internet in my opinion.  My firewalls continue to get dozens of hits per day with code red and the M$ sql attack.   Better play it safe and keep up the linux firewalls.

ryan

[dean]

I have a sme 5.6 in server only mode. I like to install a spam filter" e-smith-mailfront-1.0.0-02rbl.noarch.rpm" which looks that will do the job. But i do not know any reliable black lists or how to configure the "/service/~smtpfront-qmail/rblsmtpd.conf". Can you publish your rblsmtpd.conf

[dean]

>ryan: right now I use 7 blacklists plus 3 non traditional that block subnets from >china, korea, and hongkong.

>You can verify your blacklists are working by viewing the log in server manager. >Look at "smptfront-qmail/current". The lines with 'rblsmtpd' are blocked >messages. This will show you emails that got in and those that got blocked. I >tend to use a key word 'rblsmtpd' to filter and show just the blocked emails.

Ryan i installed the e-smith-mailfront-1.0.0-02rbl.noarch.rpm. I checked the rblsmtpd.conf and it has a line:RBLARGS="$RBLARGS -r list.dsbl.org" then i checked the "smtpfront-qmail/current" in server manager and i found no lines with "rblsmtpd". Is there any other way that i can check that this configuration is working? This how my :smtpfront-qmail/current" log looks:

400000003f3fccc6085268c4 smtpfront-qmail[7769]: MAIL FROM: BODY=8BITMIME
@400000003f3fccc60852a35c smtpfront-qmail[7769]: RCPT TO:
@400000003f3fccc62af05134 smtpfront-qmail[7769]: Accepted message qp 7770 bytes 10145
@400000003f3fccc62e9f8624 smtpfront-qmail[7769]: bytes in: 10336 bytes out: 193
@400000003f3fccc62ea3626c tcpserver: end 7769 status 0
@400000003f3fccc62ea381ac tcpserver: status: 0/40
@400000003f3fccfd0ca77aa4 tcpserver: status: 1/40
@400000003f3fccfd0cad79cc tcpserver: pid 7776 from 210.102.37.238
@400000003f3fccfd0e947d94 tcpserver: ok 7776 0:192.168.1.10:25 :210.102.37.238::4886
@400000003f3fccfe19a4df6c smtpfront-qmail[7776]: MAIL from:
@400000003f3fccfe28bfbd64 smtpfront-qmail[7776]: RCPT to:
@400000003f3fccfe28bfe85c smtpfront-qmail[7776]: Sorry, that domain isn't in my list of allowed rcpthosts.
@400000003f3fccfe37de2d6c smtpfront-qmail[7776]: bytes in: 96 bytes out: 196
@400000003f3fccfe37e136c4 tcpserver: end 7776 status 0
@400000003f3fccfe37e15604 tcpserver: status: 0/40

Before i installed the mailfront it looked like:

400000003f3e7dc7220ba12c smtpfront-qmail[19625]: MAIL FROM: BODY=8BITMIME
@400000003f3e7dc7220be77c smtpfront-qmail[19625]: RCPT TO:
@400000003f3e7dc72e35374c smtpfront-qmail[19625]: Accepted message qp 19626 bytes 1800
@400000003f3e7dc730e23a94 smtpfront-qmail[19625]: bytes in: 1801 bytes out: 193
@400000003f3e82030b9d1b3c smtpfront-qmail[19783]: MAIL FROM:<26490723@mail.apol.com.tw>
@400000003f3e82030b9d59bc smtpfront-qmail[19783]: bytes in: 50 bytes out: 80
@400000003f3e87f1047ccfb4 smtpfront-qmail[19870]: MAIL FROM:
@400000003f3e87f11090e5ec smtpfront-qmail[19870]: RCPT TO:
@400000003f3e87f1297cf2e4 smtpfront-qmail[19870]: Accepted message qp 19871 bytes 2438
@400000003f3e87f631ac8b8c smtpfront-qmail[19870]: bytes in: 2489 bytes out: 193

[ryan]

Dean,

The default install for smtpfront rbl rpm puts only ordb.org into the config file.  You need to evaluate carefully which blacklists you use.  Below is the contents of my rblsmtpd.conf file:

RBLARGS="$RBLARGS -r sbl.spamhaus.org -r relays.osirusoft.com -r opm.blitzed.org -r list.dsbl.org -r dnsbl.sorbs.net -r dnsbl.njabl.org -r bl.spamcop.net -r china.blackholes.us -r korea.blackholes.us -r hongkong.blackholes.us"

Anyone that uses blacklists must be aware you might block legitimate email and will likely never know unless a user complains.   My lists are not aggressive and allow email from the free domains such as yahoo & hotmail.  

I have recieved complaints from my users that can't recieve email from a sender on att.net and one on earthlink.net....the specific servers used by those senders had multiple blacklist hits, so I said sorry, can't allow that email.........

Useful tool to check domains and IP address against lots of spam rbl blacklists:

http://openrbl.org

If spam gets through, run the IP address through this site to see if other blacklists will block it....it is a cat and mouse game that goes on forever...., but I do block 99% of the spams with SME...so I am ahead at this point.



ryan

[dean]

Thanks ryan

checked the "smtpfront-qmail/current" for rbl and found plenty blocked emails. It's working!!!!!!!!!!

Thank's again for the blacklists.

[ryan]

Glad to hear your controlling spam!

Be aware...if you use a backup MX record (and backup server), it must have the same blacklists because many spammers will send spam to your backup servers knowing the primary is the most guarded.  Once delivered to to a backup server, it will be delivered unless you have additional processing of messages once they are accepted.

ryan

[ryan]

This just posted on slashdot:

Osirusoft Blacklists The World

 
Posted by timothy on Tuesday August 26, @11:15PM
from the wildcard-matches-for-evil dept.
ariehk writes "As of today, Osirusoft, distributer of the SPEWS and open relay blocklists, among others, is no longer operational. Servers using these lists (including the FTC) are currently rejecting ALL email. This shutdown seems to be in response to a several-week-long DDoS attack on Osirusoft, SPEWS and others, resulting in both sites being down. This has caused much discussion on n.a.n-a.e, including the suggestion that the attack is somehow related to the SoBig worm. The spammers must be hurting if they can devote these kinds of resources to attacking blocklists." Read on below a related submission.


ryan

[Michael Roed]

Ryan>>> Do your setup allow external users to access your Exchangeserver via POP3 or IMAP???
I have tried to get Outlook Express to connect to my Exchange 2000 server from home but I can't seem to get through E-smith 5.6. I have forwarded port 110 but still can't connect to Exchange. Is this enough to do on Esmith or am I missing a thing?

Thank you,
Michael.

[ryan]

Michael,

I have a second firewall (IPCop) set to forward 110 to exchange since you can't do that with SME running as a mail server.  This will require a second public IP Address.


You can also put exchange on the internet, but I would not advise having exchange on a public IP address due to it being Microsoft.  

hope that helps,

ryan

[Charlie Brady]

ryan wrote:

> I have a second firewall (IPCop) set to forward 110 to
> exchange since you can't do that with SME running as a mail
> server.

Why not? I believe it is possible.

Charlie

[ryan]

Actually, I never messed with port 110 on the SME that filters email..it should work with the port forward addon link for server manager.  IMAPI should work as well.  

I should have said port 25 can't be forwarded when running qmail on SME.

Thanks for the clarification Charlie.

ryan

[Michael Roed]

Ryan, I have done just that. Installed the portforward rpm and set port 110 to forward to my Exchange but nothing happens. I'm not that good with Exchange so maybe thats the problem although I think everything seems fine with it.

[ryan]

Michael,

Your Exchange server should have SME as its IP gateway.  If you have port forwareded 110 to your exchange server IP address it should work...given your port forwarding is the correct rpm and works.  

To test on a windows box..from outside your LAN:

start/run, type cmd
at the prompt type:  telnet 110

You can use this to test any tcp port to any system.

You should immediately see a line at the top from your exchange server.  

If the box 'hangs' and shows nothing, wait a long time for a time out. Portforwarding is not working.

If they box stays black and does nothing and 'hangs', port forwarding is not working.  

If you want to see what this should look like, try this:

telnet 66.210.243.50 110

this is my work exchange server behind IPCop firewall with incoming mail filtered with a second SME firewall.  

good luck,

ryan

[Michael Roed]

Now I have tried everything but SME won't let POP3 pass. I have tried setting my Exchange server directly to the internet and everything works fine!!!

So the problem is 100 % the SME firewall!!!

Normally I delegate all e-mail directly to Exchange but I have tried removing this feature and just forwarded port 110 but no good.

I have asked this question before but can you, Ryan, explain what Charlie Brady means by configuring xinetd.conf in this thread ???
http://forums.contribs.org/index.php?topic=18085.msg70908#msg70908
What should I do?

His anwser doesn't work as I have tried this several times.

Thank you for the big help.

/michael.

[ryan]

Micheal,

I consider myself a rookie at the bash shell and linux command line.  I am completely self taught and using just SME and IPCop since SME 4.1.2.  All my knowledge originates from posts on this sites or google searches.  Editing xinetd.conf is something I have not had to do....so I can't help.

Have you verified the problem to be SME or just port 110?  Can you port forward any port from SME?  Try something simple like VNC..port forward tcp 5900 to an internal computer with VNC running and then attempt to connect to it with vncviewer from the web using the external ip of SME for the vnc server host address.

If you have the wrong port forwarding rpm installed, 5.6 won't work.  If you can port forward 5900 or any other port, 110 should work as well.

keep trying!!!

ryan

[Michael Roed]

I've got it !!!!

The problem was that the version of portforward I had on my SME was way old. I found the latest and installed it and now it works....Coooool !!!

Thanx for all the help.

/michael.