OPNsense Forum
English Forums => General Discussion => Topic started by: nj44451 on December 17, 2022, 06:45:29 pm
-
I have an external spam filter that passes mail to my mail server on port 25.
I want to ensure that only mail from the spam filter is delivered to my mail server.
I setup an alias with the IP ranges for the spam filters public ip address but the server gets blocked no matter what I try.
I am setting this up on the NAT port forward.
Do anyone have an example of how to set this up?
for example I have this range setup in the alias: 72.35.12.0/255.255.255.0
Thanks,
Trent
-
What is the "associated filter rule" in your NAT port forward rule set to? If it is not "pass", then try that.
Also:
source: your spam filter alias
destination: WAN address
-
I had tried before adding the alias to the source and nothing.
I just modified the existing NAT I had for pass the traffic to my local IP on port 25
in the alias if shows it loaded the whole range of ip based on the masks I set.
for example I have this range setup in the alias: 72.35.12.0/255.255.255.0
I have it setup as a URL alias should I be using something else?
Here is what I see in the live log.
wan 2022-12-17T14:25:56-05:00 72.35.12.47:50702 98.157.240.17:25 tcp Default deny / state violation rule
-
Please post all details of that NAT port forward rule.
-
this is what is set the works to pass on port 25 to the server
Nat under port forward
WAN TCP * * WAN address 25 (SMTP) 192.168.1.54 25 (SMTP)
As soon as I add the alias as the source addresses it gets blocked
WAN TCP SMTP_alias * WAN address 25 (SMTP) 192.168.1.54 25 (SMTP)
under alias "SMTP_alias" I have it set to URL (ips)
With these addresses added
72.35.12.0/255.255.255.0
72.35.23.0/255.255.255.0
208.70.128.0/255.255.248.0
-
Use an alias of type Network(s) and specify the networks as
72.35.12.0/24
72.35.23.0/24
208.70.128.0/21
-
Changed to Networks and all is working now also I think at one point I forgot to click apply as well.
Thanks for your help.