cancel
Showing results for 
Search instead for 
Did you mean: 

iRule for email Traffic SMTP port 25

Fabrizio_Chiava
Nimbostratus
Nimbostratus

Hi,

 

I need some help to configure an iRule based on the email domain name. So, I have a customer that balance the Sophos's outbound traffic (SMTP port 25). Unfortunately some email tagged as SPAM are NOT SPAM. So, the client needs to unlock this email to appliance, but all traffic flows to BIGIP.

 

 

I would that iRule behaves in this way:

 

if (Domain = @example.com) -> forward to node

 

else pool_default

 

 

Could you help me, please?

 

I'm basing to this iRule, I think it's a good way to approach to the solution:

 

when RULE_INIT { Replace this test TCL list with a "string" type datagroup and then delete the RULE_INIT event set destination_translations_class [list \ "10.2.135.100:80 192.168.135.100:8080" \ "10.2.135.101:8080 192.168.135.101:8888" \ ] } when CLIENT_ACCEPTED { log local0. "[IP::client_addr]:[TCP::client_port]: New TCP connection to [IP::local_addr]:[TCP::local_port]" Look up the destination address:port in a datagroup set dest [findclass [IP::local_addr]:[TCP::local_port] $::destination_translations_class " "] log local0. "[IP::client_addr]:[TCP::client_port]: Matched \$dest: $dest" Check if there was a match if {$dest ne ""}{ log local0. "[IP::client_addr]:[TCP::client_port]: Using node [split $dest ":"]" Set the destination IP and port using the node command node [split $dest ":"] } }

 

Thanks a lot

 

Best regards

 

Fabrizio.

 

 

2 REPLIES 2

nitass
F5 Employee
F5 Employee
if (Domain = @example.com) -> forward to node

 

else pool_defaulti am a bit confused. it is outbound mail, isn't it? so, what is node?? i guess domain is receipt domain and pool_default is sophos pool, isn't it?

 

 

anyway, this is the past conversation. not sure if it is useful.

 

 

iRule based on SMTP receiver domain

 

https://devcentral.f5.com/community/group/aft/2160832/asg/50

 

 

just my 2 cents.

Fabrizio_Chiava
Nimbostratus
Nimbostratus

Hi Nitass,

 

thanks for your reply. Yes, it is. The iRule would balance the outbound SMTP traffic.

 

 

Pratically, the client receive the SPAM email with the digest generated and the client should be unlock as SPAM. So, I need an iRule that bypass the load balancing and forward traffic to a specific node.

 

 

I tried to implement the SMTP Proxy iRule but unfortunately doesn't work.

 

 

Thank

 

Regards

 

Fabrizio.