Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ASA redirect SMTP traffic to an anti spam server

Hi

What is the best way to redirect all the SMTP traffic to anti spam server located in one DMZ

I have OUTSIDE, INSIDE (where mail server is located) and DMZ-SMTP-SERVER (where the anti-spam server is located) interfaces.

The task  I'll perform :

- Create an NAT rule: the public MX record IP will be translated to anti-spam server IP

- Create an ACL allowing the smtp traffic from DMZ-SMTP-SERVER to the mail sever in the inside

- Create  a ACL allowing SMTP traffic from outside to the anti-spam server

But I'm not sure about redirecting all the SMTP traffic from inside to anti spam server.

Thanks

  • Firewalling
Everyone's tags (4)
1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

ASA redirect SMTP traffic to an anti spam server

Hello,

Nope, there is no feature for that (unless websense is used, cuz it you can redirect pretty much everything you want) there are some tricks that can be accomplished using NAT on versions like 8.4, but no feature to direct packets like saying PBR or something.

Mike

Mike
3 REPLIES
Cisco Employee

ASA redirect SMTP traffic to an anti spam server

Hello,

Well, I think I can speak from the firewall part. You got it all right. Ive seen that the customers already have something configured on the SMTP server itself for the Server to send the mails first to the SPAM filter and then they go out. Maybe you can talk to your vendor for the SPAM and have then explain you how to set it up on the server.

On the firewall, it will be just a plain self translation from INSIDE to DMZ where the SPAM server is and that would do it.

Cheers,

Mike Rojas

Mike
New Member

ASA redirect SMTP traffic to an anti spam server

Hi

the customer does not want to configure redirection in their mail server  to the anti-spam server, they want the ASA make redirecting SMTP traffic from the inside to the anti-spam server.

It is possible in the ASA?.

I know http redirection with WCCP, but SMTP redirection?

Thanks

Cisco Employee

ASA redirect SMTP traffic to an anti spam server

Hello,

Nope, there is no feature for that (unless websense is used, cuz it you can redirect pretty much everything you want) there are some tricks that can be accomplished using NAT on versions like 8.4, but no feature to direct packets like saying PBR or something.

Mike

Mike
1177
Views
0
Helpful
3
Replies