Linux: SMTP Mail Relay, Moxy SMTP Proxy, Qmail and Exim
We were experiencing an interesting issue where a device on our network, intended for protection (DoS, NIDS, etc.), was not allowing specific packets to pass. The issue was difficult to track down because the filtering was intermittent and which IPs were filtered appeared completely random. In a nutshell, we were not able to telnet to remote SMTP servers (port 25). The SYN was sent, and the remote ISP confirmed that they saw the packet and returned the appropriate SYN-ACK. However, the local server never received this packet and therefore could not complete the TCP handshake.
We needed a solution and found one in Moxy Mail Proxy. Installation on a remote CentOS 4.4 machine using the pre-packaged 0.1.3 RPM was trivial. The configuration file, located in /usr/local/moxy/moxy.conf, required the following changes:
port 10025
hostname relay.foo.tld
runas nobody
allowRelayFrom 127.0.0.1,x.w.y.z,a.b.c.d # list of IPs we allow to relay through the proxy
dbtype file
In the dbfile, moxy.db, we added a list of affected ISPs and their actual mail servers, found with dig mx domain.tld (using yahoo.com purely as an example):
yahoo.com c.mx.mail.yahoo.com:25
On the affected systems, which ran either Qmail (Plesk) or Exim (cPanel/WHM), configuration changes were required to tell the MTA to redirect mail rather than do the standard DNS MX lookup. On qmail systems, the file /var/qmail/control/smtproutes was created with the entry:
yahoo.com:x.y.w.z:10025
This states that all mail for @yahoo.com will be forwarded to the proxy server at IP x.y.w.z on port 10025. Restarting Qmail and watching the mail logs confirmed that mail was now being sent through the proxy.
Exim required slightly more configuration, specifically in a control panel environment such as cPanel/WHM.
For Exim (/etc/exim.conf), in the "ROUTERS CONFIGURATION" section, I added:
test_route:
driver = manualroute
transport = remote_foo
route_list = yahoo.com x.y.w.z
In "TRANSPORTS CONFIGURATION":
remote_foo:
driver = smtp
port = 10025
Restart Exim and verify by running "exim -bt foo@yahoo.com"; it should return:
foo@yahoo.com
router = test_route, transport = remote_foo
host x.y.w.z [x.y.w.z]
where x.y.w.z is, again, the IP of the proxy server.
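A pre-restart consistency check for the qmail side of this setup, as an added example (not code from the original post or from the Moxy project). It assumes the file formats are exactly as shown above, that the proxy only accepts clients listed in allowRelayFrom, and that every domain routed to the proxy needs a moxy.db entry; the 192.0.2.x addresses and the example.net route are constructed stand-ins.

```python
# Added example; all sample contents are constructed. 192.0.2.10 stands in for
# the proxy (x.y.w.z in the post), 192.0.2.20 for the sending qmail server.
MOXY_CONF = """port 10025
hostname relay.foo.tld
runas nobody
allowRelayFrom 127.0.0.1,192.0.2.20 # IPs allowed to relay
dbtype file
"""
MOXY_DB = "yahoo.com c.mx.mail.yahoo.com:25\n"
SMTPROUTES = "yahoo.com:192.0.2.10:10025\nexample.net:192.0.2.10:25\n"

def parse_conf(text):
    """moxy.conf: 'key value' per line; text after '#' is ignored (assumed)."""
    pairs = (l.split("#", 1)[0].split(None, 1) for l in text.splitlines())
    return {p[0]: p[1].strip() for p in pairs if len(p) == 2}

def parse_db(text):
    """moxy.db: 'domain host:port' per line, as shown in the post."""
    db = {}
    for parts in (l.split() for l in text.splitlines()):
        if len(parts) == 2:
            host, _, port = parts[1].rpartition(":")
            db[parts[0].lower()] = (host, int(port))
    return db

def parse_smtproutes(text):
    """smtproutes: 'domain:relay[:port]'; the port defaults to 25."""
    routes = {}
    for line in filter(None, (l.strip() for l in text.splitlines())):
        domain, relay, *port = line.split(":")
        routes[domain.lower()] = (relay, int(port[0]) if port and port[0] else 25)
    return routes

def check(conf, db, routes, proxy_ip, mta_ip):
    """Return human-readable problems; an empty list means consistent."""
    problems = []
    if mta_ip not in [ip.strip() for ip in conf["allowRelayFrom"].split(",")]:
        problems.append(f"{mta_ip} is not listed in allowRelayFrom")
    for domain, (relay, port) in sorted(routes.items()):
        if relay != proxy_ip:
            continue  # route does not go through the proxy
        if port != int(conf["port"]):
            problems.append(f"{domain}: route port {port}, proxy listens on {conf['port']}")
        if domain not in db:
            problems.append(f"{domain}: routed to the proxy but missing from moxy.db")
    return problems

if __name__ == "__main__":
    args = parse_conf(MOXY_CONF), parse_db(MOXY_DB), parse_smtproutes(SMTPROUTES)
    print("\n".join(check(*args, "192.0.2.10", "192.0.2.20")))
```

Keeping allowRelayFrom limited to the specific sending servers matters here: a proxy that accepts mail from arbitrary clients and forwards it to real MX hosts is an open relay.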



