Forum Discussion

Nimbostratus

May 31, 2012

smtp irule for access control

Hello, I am trying to either preserve the source ip information so that existing smtp rules and greylists continue to work but ensure fault tolerance by placing smtp servers befind an f5 vip...

Cirrostratus

Jun 01, 2012

Are you saying that when you tested from a client IP in the smtp_relay_allowed data group, the connection was reset? Can you add a debug statement with the client IP?


when CLIENT_ACCEPTED {
   log local0. "[IP::client_addr]:[TCP::client_port]: Connection to [virtual name] [IP::local_addr]:[TCP::local_port]"
   if { not [matchclass [IP::remote_addr] equals smtp_relay_allowed] } {
      log local0. "[IP::client_addr]:[TCP::client_port]: Rejecting client IP"
      reject
   }
}

Aaron

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

smtp irule for access control

Jeff - May 2026 Featured F5er

AppWorld Berlin 2026 – iRules Contest Winning Results

One Quick Step to Make your website AI-Agent/MCP Ready with an iRule

Recent Discussions

certitcate error

Layered ASM for APM login page protection

migrate from serie I to R. Cluster LTM-GTM

APM URL encoding Hardening?

Trial License for F5 virtual edition in eve-ng

Related Content

Overview of API Access Control and implementing API key access control with BIG-IP APM

API Security: How to implement API Access Control with F5

iControl REST Fine-Grained Role Based Access Control

Privileged Access in Action: Technical Controls for Real-World Environments

F5 BIG-IP Zero Trust Access

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS