On 2016-04-14, [email protected] <[email protected]> wrote:
> Hello the list,
>
> I am trying to put SPAMD in front of an Exchange Server but I think I am doing
> it in the wrong way.
>
> My Lab is like this :
>
> FW
> |
> SPAMD------Exchange
>
> SPAMD and Exchange are in separate LANs. Routing is done via the FW
>
> Step 1 : Is to test if my spamdserver can just forward connexions to the
> Exchange Server

No, at least not without losing the sender's source IP address.
(You can do that with http://www.openbsd.org/faq/pf/rdr.html#rdrnat
but it's a terrible idea in this case.)

> My first idea was using rdr-to in a pass rule like this
> pass in log on $int_if proto tcp from any to 'spamd_ip' port smtp keep
> state rdr-to 'exchange_ip' port smtp
>
> But I'm not seeing the packet go out from spamd server

I suspect you don't have IP forwarding enabled; with this rule you
should see a packet though it won't successfully connect.

The real fix: Either move spamd to the firewall, or run an MTA on
the spamd machine (e.g. smtpd, sendmail, postfix) and relay mail to
Exchange at the SMTP level.
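
The second option from the reply above (an MTA on the spamd machine relaying to Exchange at the SMTP level), sketched as an added example that is not part of the original thread. It assumes OpenSMTPD with the 6.4-or-later smtpd.conf grammar; the address 192.0.2.10, the domain example.org and the action name are placeholders, and the pf rules follow the pattern documented in spamd(8).

```conf
# ---- /etc/pf.conf on the spamd machine -------------------------------
# Because spamd and the MTA both run here, spamd sees the real client
# address and no rdr-to/nat-to towards Exchange is needed.
table <spamd-white> persist
table <nospamd> persist file "/etc/mail/nospamd"

# Unknown senders are diverted to the local spamd for greylisting.
pass in on egress proto tcp to any port smtp \
    divert-to 127.0.0.1 port spamd

# Hosts that must never be greylisted reach the local MTA directly.
pass in on egress proto tcp from <nospamd> to any port smtp

# Senders that passed greylisting reach the local MTA; logging lets
# spamlogd keep their whitelist entries fresh.
pass in log on egress proto tcp from <spamd-white> to any port smtp

# Outbound SMTP from this host (includes the relay hop to Exchange).
pass out log on egress proto tcp to any port smtp

# ---- /etc/mail/smtpd.conf on the spamd machine -----------------------
# Accept mail only for the hosted domain and hand it to Exchange over
# SMTP. Placeholder values: 192.0.2.10 = Exchange, example.org = domain.
listen on egress

action "to_exchange" relay host smtp://192.0.2.10

# Restricting the match to the hosted domain keeps this host from
# becoming an open relay.
match from any for domain "example.org" action "to_exchange"
```

Exchange should then accept SMTP on port 25 only from the relay's address, so mail cannot bypass greylisting by connecting to it directly.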

