Solved: Specific Emails send over specific interface (cluster) possible?

cyberurmel · ‎11-14-2019

Hi all,

we have a cluster with 2 machines . Each of them have an own outgoing if . My Question is - is it possible to sent out specific mails to Domains e.g. all to @cisco.com via the secondary machine outgoing interface?

I could not find that as i am surely possible to make an outgoing Policy … but if i want to define the filter for that i am not anymore on cluster mode . And from the first machine i do not want to send out from outgoing if to cisco.com .

can you explain me please how to solve that?

Thanks

Philippe Boeij · ‎11-14-2019

Hi, I wouldn't recommend this but here we go.

I'd create a message filter on node1 (clusterconfig switch to node1) to redirect all messages to cisco.com to node2 (alt-dsthost).

Node2 will deliver tese messages like all others.

Or create a specific SMTP route on node1 (override cluster settings) to redirect cisco.com to relayinterface of node2.

Regards,

Philippe

View solution in original post

Mathew Huynh · ‎11-15-2019

Hey Cyberurmel,

I agree with Philippe, i wouldn't recommend this setup as it could get messy with manipulation.
Philippe's workaround will work where you're re-routing any emails that hits node1 into node2 for final delivery.

But as you also shared you need ensure you use a interface as well.

So adding to Philippe's workaround, you will need to create (on ESA2 and it also needs to be a machine override of cluster as to not impact ESA1) altsrchost command -> cisco.com -> use the specific interface you choose.

So ESA1 -> sees @cisco.com as recipient -> Sends it to ESA2 -> ESA2 looks at altsrchost and ensures deliveries are done using specific interface.

Lastly, on ESA2 you need to make sure you create a rule where if the emails are coming in from ESA1 (to ESA2) to skip the scanning as to not double scan.

Regards,
Mathew

View solution in original post

Philippe Boeij · ‎11-14-2019

Hi, I wouldn't recommend this but here we go.

I'd create a message filter on node1 (clusterconfig switch to node1) to redirect all messages to cisco.com to node2 (alt-dsthost).

Node2 will deliver tese messages like all others.

Or create a specific SMTP route on node1 (override cluster settings) to redirect cisco.com to relayinterface of node2.

Regards,

Philippe

Mathew Huynh · ‎11-15-2019

Hey Cyberurmel,

I agree with Philippe, i wouldn't recommend this setup as it could get messy with manipulation.
Philippe's workaround will work where you're re-routing any emails that hits node1 into node2 for final delivery.

But as you also shared you need ensure you use a interface as well.

So adding to Philippe's workaround, you will need to create (on ESA2 and it also needs to be a machine override of cluster as to not impact ESA1) altsrchost command -> cisco.com -> use the specific interface you choose.

So ESA1 -> sees @cisco.com as recipient -> Sends it to ESA2 -> ESA2 looks at altsrchost and ensures deliveries are done using specific interface.

Lastly, on ESA2 you need to make sure you create a rule where if the emails are coming in from ESA1 (to ESA2) to skip the scanning as to not double scan.

Regards,
Mathew

cyberurmel · ‎11-19-2019

Thanks to you guys fpor help,

I see that it is not so easy as expected from me. Also that you not to recommend this – we decided to divide the traffic to cisco.com via the mailserver that is in front of them. Seems to be easier. The problem is only that I am not the admin for that- so if its needful to do this as my question before I will think about the workaround for some hours.

Thanks and regards

Cyb