Technical Forum
Ask questions. Discover Answers.
Showing results for 
Search instead for 
Did you mean: 

Duplicate SMTP traffic for SMTP dlp testing


Hi all,

It will be great to have your mind to get any direction how to make it happen.

I have a VS that forward SMTP traffic to a pool, the VS is standard with TCP profile.

In order to test a new DLP mail relay i want all the traffic that coming to the VS will be send also to the new mail relay but i need the new mail relay to think he is the destination of the traffic in L3 and not only in L2 and it means i cant use the clone pool command in irule or through the VS clone settings.

I try to get it work with sideband connection but still have issues to get it work.

Any idea how to get my goal?

Here is the last irule i tested:




log local0.debug "SMTP::client accepted event"




set len [TCP::payload length]

log local0.debug "SMTP::client data len : ($len)"

log local0.debug "SMTP::payload is: [TCP::payload 15]"

set conn [connect -timeout 300 -idle 30 -status conn_status X.X.X.X:25]

log local0.debug "SMTP::conn $conn "

    if {$conn eq ""} then {

                        log local0.debug "SMTP::conn FAILED"




set conn_info [connect info -idle -status $conn]

    log local0.debug "SMTP::con info $conn_info"

set send_info [send -timeout 300 -status send_status $conn [TCP::payload]]

    log local0.debug "SMTP::send info $send_info"

set recv_data [recv -timeout 300 -status recv_status $conn]

    log local0.debug "SMTP::recieved $recv_data"

close $conn





My tests are telnet to the vs and i want to get the VS pool member mail relay prompt in the cli but it doesnt work 😞


Hope i manage to explain my need and issue, any help will be appreciated 🙂


F5 Employee
F5 Employee

Take a look at


SMTP Proxy


for some ideas on handling SMTP.


The first thing is that SMTP is a "Server speaks first" protocol, so you need to structure your sideband to wait for the server banner.


I'm not entirely sure how you can handle the state if the sideband connection does not behave the same as the pool member, because that could make things very difficult to manage.