Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1731
Views
0
Helpful
3
Replies

ASA redirect SMTP traffic to an anti spam server

Go to solution
Esteban Talavera
Level 1
Level 1

‎02-07-2012 12:13 PM - edited ‎03-11-2019 03:25 PM

Hi

What is the best way to redirect all the SMTP traffic to anti spam server located in one DMZ

I have OUTSIDE, INSIDE (where mail server is located) and DMZ-SMTP-SERVER (where the anti-spam server is located) interfaces.

The task  I'll perform :

- Create an NAT rule: the public MX record IP will be translated to anti-spam server IP

- Create an ACL allowing the smtp traffic from DMZ-SMTP-SERVER to the mail sever in the inside

- Create  a ACL allowing SMTP traffic from outside to the anti-spam server

But I'm not sure about redirecting all the SMTP traffic from inside to anti spam server.

Thanks

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Maykol Rojas
Cisco Employee
Cisco Employee
In response to Esteban Talavera

‎02-07-2012 12:52 PM

Hello,

Nope, there is no feature for that (unless websense is used, cuz it you can redirect pretty much everything you want) there are some tricks that can be accomplished using NAT on versions like 8.4, but no feature to direct packets like saying PBR or something.

Mike

Mike

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Maykol Rojas
Cisco Employee
Cisco Employee

‎02-07-2012 12:28 PM

Hello,

Well, I think I can speak from the firewall part. You got it all right. Ive seen that the customers already have something configured on the SMTP server itself for the Server to send the mails first to the SPAM filter and then they go out. Maybe you can talk to your vendor for the SPAM and have then explain you how to set it up on the server.

On the firewall, it will be just a plain self translation from INSIDE to DMZ where the SPAM server is and that would do it.

Cheers,

Mike Rojas

Mike
0 Helpful

Go to solution
Esteban Talavera
Level 1
Level 1
In response to Maykol Rojas

‎02-07-2012 12:44 PM

Hi

the customer does not want to configure redirection in their mail server  to the anti-spam server, they want the ASA make redirecting SMTP traffic from the inside to the anti-spam server.

It is possible in the ASA?.

I know http redirection with WCCP, but SMTP redirection?

Thanks

0 Helpful

Go to solution
Maykol Rojas
Cisco Employee
Cisco Employee
In response to Esteban Talavera

‎02-07-2012 12:52 PM

Hello,

Nope, there is no feature for that (unless websense is used, cuz it you can redirect pretty much everything you want) there are some tricks that can be accomplished using NAT on versions like 8.4, but no feature to direct packets like saying PBR or something.

Mike

Mike
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card