Forum Discussion
Hi, since there are multiple ways to an F5 as an SMTP relay how are you doing this at the moment? This will give us an idea of what we can suggest
Hi Kevin,
overview of our setup :
we have a virtual server(SMTP relay host) created on port 25 with a pool of gmail SMTP servers , this virtual server is NATED to an external IP on our edge firewall with SNAT enabled on the F5.
our internal applications are pointed to the relay hostname on the F5 and we want to restrict specific client(applications) hostnames SMTP traffic to be dropped on the F5 before forwarding that to the pool members.
hope i made it clear.
Thanks in advance.
- Kevin_DaviesJun 11, 2019MVP
What profiles do you have attached to the VS?
- Kevin_DaviesJun 11, 2019MVP
I ask because if you have certain types then we have access to SMTP, otherwise its TCP and we don't. Well , not easily.
- pgopparajuJun 11, 2019Nimbostratus
Hi kevin,
i have a TCP lan optimized profile attached to the virtual server. i tried adding a http profile and then the below iRule to drop connections from a specific host name but it's just not working even without the iRule, when i add the http profile i am not able to send email through the relay.
iRule i used with the http profile:
when HTTP_REQUEST {
if { [HTTP::host] eq "user1@example.com" }{
drop
}
}
Thank you.