Forum Discussion

Fabrizio_Chiava's avatar
Fabrizio_Chiava
Icon for Nimbostratus rankNimbostratus
May 03, 2013

iRule for email Traffic SMTP port 25

Hi,

I need some help to configure an iRule based on the email domain name. So, I have a customer that balance the Sophos's outbound traffic (SMTP port 25). Unfortunately some email tagged as SPAM are NOT SPAM. So, the client needs to unlock this email to appliance, but all traffic flows to BIGIP.

I would that iRule behaves in this way:

if (Domain = @example.com) -> forward to node

else pool_default

Could you help me, please?

I'm basing to this iRule, I think it's a good way to approach to the solution:

when RULE_INIT {  
    
      Replace this test TCL list with a "string" type datagroup   
       and then delete the RULE_INIT event  
     set destination_translations_class [list \  
        "10.2.135.100:80 192.168.135.100:8080" \  
        "10.2.135.101:8080 192.168.135.101:8888" \  
     ]  
  }        
  when CLIENT_ACCEPTED {  
    
     log local0. "[IP::client_addr]:[TCP::client_port]: New TCP connection to [IP::local_addr]:[TCP::local_port]"  
    
      Look up the destination address:port in a datagroup  
     set dest [findclass [IP::local_addr]:[TCP::local_port] $::destination_translations_class " "]  
     log local0. "[IP::client_addr]:[TCP::client_port]: Matched \$dest: $dest"  
    
      Check if there was a match  
     if {$dest ne ""}{  
    
        log local0. "[IP::client_addr]:[TCP::client_port]: Using node [split $dest ":"]"  
         Set the destination IP and port using the node command  
        node [split $dest ":"]  
     }  
  }  

Thanks a lot

Best regards

Fabrizio.

2 Replies

  • if (Domain = @example.com) -> forward to node

     

    else pool_defaulti am a bit confused. it is outbound mail, isn't it? so, what is node?? i guess domain is receipt domain and pool_default is sophos pool, isn't it?

     

     

    anyway, this is the past conversation. not sure if it is useful.

     

     

    iRule based on SMTP receiver domain

     

    https://devcentral.f5.com/community/group/aft/2160832/asg/50

     

     

    just my 2 cents.
  • Hi Nitass,

     

    thanks for your reply. Yes, it is. The iRule would balance the outbound SMTP traffic.

     

     

    Pratically, the client receive the SPAM email with the digest generated and the client should be unlock as SPAM. So, I need an iRule that bypass the load balancing and forward traffic to a specific node.

     

     

    I tried to implement the SMTP Proxy iRule but unfortunately doesn't work.

     

     

    Thank

     

    Regards

     

    Fabrizio.