Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
6867
Views
5
Helpful
30
Replies

Ironport c360 - mail routing conundrum

Go to solution
ashley.rees
Level 1
Level 1

‎02-04-2015 11:03 PM

Hi All,

 

I am abit of a greenthumb when it comes to our Ironport appliances, but I have been assigned a task that I am stuck on.

 

Basically we use Google Apps for our mail, with Ironport being the gateway into our old legacy environment. 

 

I need to get Ironport to redirect any email it receives for a specific recipient (a@example.com) to a specific host (n.example.com) on Port 25000 specifically. 

 

The host is listening on that port for the incoming connection rather than port 25.

 

I have created an SMTP  route on our Ironport appliance for n.example.com with its IP and also specified port 25000.

I have also added the domain example.com to the RAT on our appliance.

 

Basically the mail gets to the Ironport appliance, but then its queued for delivery until it eventually expires. I am not sure what else I can try to get this working so any advice is appreciated. 

 

Sorry for the trouble

 

Ash

Labels:
0 Helpful
30 Replies 30

Go to solution
Mathew Huynh
Cisco Employee
Cisco Employee
In response to ashley.rees

‎03-19-2015 06:52 PM

Hey Ash

 

Sorry for the late reply on your enquiry.

Unfortunately you cannot edit the filter via CLI, it needs to be removed and re-added with new syntax


As per your syntax request:

See the updated Syntax

 

Allowed_IP_Restrict:

if (sendergroup =="Allowed_IP") AND (rcpt-to !=("(?i)(@domain1\\.com|@domain2\\.com))

{

drop();

}

 

 

The \\. to escape the regex "." and by combining the terms under (term|term2) it uses one set expression, the "|" pipe means "OR" so it works to your requirement as well.

 

(?i) -> case insensitive

You can add more with |@domain3\\.com etc etc

 

As per 

if rcpt-to == "address@example\\.com"
{
                         skip-filters();

 

If you want to exempt single IP you can use this filter

Else if you want to group a bunch (say like 10 IPs) I'd suggest adding them to a sendergroup and then using the sendergroup condition to make it easier

 

if (remote-ip =="1.1.1.1")

{

skip-filters();

}

.

 

Or

 

if (sendergroup =="Exempted_IP")

{

skip-filters();

}

.

 

 

Because if you had say 5 IPs you'll end up with this syntax...

 

if (remote-ip =="1.1.1.1") OR (remote-ip =="2.2.2.2") OR (remote-ip =="3.3.3.3") OR (remote-ip =="4.4.4.4") OR (remote-ip=="5.5.5.5")
{

skip-filters();

}

.

 

IF however the IPs are within a set range, IE 1.1.1.1 to 1.1.1.5 you can use this rule

remote-ip =="1.1.1.1-5"

 

I hope this helps.

Matty

 

0 Helpful
Customers Also Viewed These Support Documents