Forum Discussion

Nimbostratus

Jun 01, 2012

smtp irule for access control

Hello, I am trying to either preserve the source ip information so that existing smtp rules and greylists continue to work but ensure fault tolerance by placing smtp servers befind an f5 vip...

Cirrostratus

Jun 01, 2012

Are you saying that when you tested from a client IP in the smtp_relay_allowed data group, the connection was reset? Can you add a debug statement with the client IP?


when CLIENT_ACCEPTED {
   log local0. "[IP::client_addr]:[TCP::client_port]: Connection to [virtual name] [IP::local_addr]:[TCP::local_port]"
   if { not [matchclass [IP::remote_addr] equals smtp_relay_allowed] } {
      log local0. "[IP::client_addr]:[TCP::client_port]: Rejecting client IP"
      reject
   }
}

Aaron

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

smtp irule for access control

Recent Discussions

Creating Policy using Terraform

Alert Mail when virtual server down trubleshooting

How to disable RC4 Cipher on SSL

Big-IQ + LetsEncrypt wildcard

DEVICE-0202 Error while adding rSeries as a provider in CM

Related Content

Take Control of Identity and Access Management in the Cloud

iRule To Control Access Based on Source and Destination Addresses

Control access to Exchange services

iRule to access F5 certificate store

TCP Congestion Control: The Mobile Network of Today, It’s Time to Improve

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS