My bad. I will fix the rule so that anything going out the internal interface will have the ip of the internal interface!
Thanks for pointing that out. Travis Crook Visions Beyond ----- Original Message ----- From: "Antony Stone" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, June 04, 2002 4:37 PM Subject: Re: Outgoing SMTP Mystery > On Tuesday 04 June 2002 11:18 pm, Michael Hudin wrote: > > > I can send SMTP out just fine, but no other server can send it in for some > > reason. > > > -A POSTROUTING -o eth0 -j SNAT --to-source 10.10.10.254 > > -A POSTROUTING -o eth1 -j SNAT --to-source 10.10.10.254 > > I really don't like the look of those two rules together. You're saying > that any packet going out of the external interface should bear the source > address of the external interface - pretty standard. But you're also saying > that any packet going out of the *internal* interface should also have the > source address of the external interface - why ??? > > Do you have any access control rules on your SMTP server - is it fussy about > the IP addresses it accepts connections from ? > > What happens if you telnet to port 25 on the mail server from your firewall ? > > > Antony. > >
