I've inherited the IT duties at my office, but don't have a whole lot of experience in this area.
Currently our network is setup such that our webserver catches all incoming SMTP traffic and relays it to the exchange server. Additionally the exchange server sends all it's outgoing SMTP to the webserver where it's relayed out.
Existing in the PIX is a rule which allows this:
access-list acl_dmz permit tcp host webserver host 192.168.1.123 eq smtp
I'm trying to install a spam filter between our webserver which is on the DMZ side of our firewall, and our exchange server which is on the secure side. The spam filter is also installed on the secure side, so I added a rule that will allow SMTP traffic to route to the spam filter:
access-list acl_dmz permit tcp host webserver host 192.168.1.124 eq smtp
The problem is that when I change the IP on the mail relay from exchange (192.168.1.123) to the spam filter (192.168.1.124), no mail gets to it.
I know that mail from the spam filter gets to exchange server correctly, but nothing from the webserver is getting to the spam filter.
Is there anything that I'm missing?