hey guys I've been trying to implement the network prevent for email for a few days and it seems I'm kinda stuck.
I got the enforce and prevent for email installed in the same box as PoC pior to kick in prod.
Goal: Test Policies in a lab enviroment before implement in prod.
so I have:
Box1: Redhat 5: Enforce + Prevent for Email
Box2: Windows 2003 server with hmailserver
what i've done:
a) Configured the hmailserver so it relay the messages on the Vontu: doesnt work
b) I tried to configure outlook to send emails using the Prevent for Email as SMTP proxy: didn't work either
In the enforce+prevent for email I tested:
[root@vontu ~]# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
[root@vontu ~]# telnet 192.168.3.10 25
Trying 192.168.3.10...
telnet: connect to address 192.168.3.10: Connection refused
telnet: Unable to connect to remote host: Connection refused
iptables:
[root@vontu ~]# iptables --list
Chain INPUT (policy ACCEPT)
target prot opt source destination
Vontu-INPUT tcp -- anywhere anywhere
Vontu-INPUT tcp -- anywhere anywhere
Vontu-INPUT tcp -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain Vontu-INPUT (3 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:https
ACCEPT tcp -- anywhere anywhere tcp dpts:blackjack:65535
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
-- rules applied
iptables -N Vontu-INPUT
iptables -A Vontu-INPUT -s 0/0 -p tcp --dport 25 -j ACCEPT
iptables -I INPUT 1 -s 0/0 -p tcp -j Vontu-INPUT
iptables -t nat -I PREROUTING -p tcp --destination-port 25 -j REDIRECT --to-ports=10025
iptables-save > /etc/sysconfig/iptables
at this point i think its a problem of the enforce+prevent for email server that doesnt allow me to remotely connect to it on port 25.
any advice please?
thanks!