SMTP Load Balancing without SNAT Outbound traffic problems
Hello, I’m sorry because this is an issue that it has been reviewed in the forum, but in our case it doesn’t work and we don`t know what is the problem. We have two STMP VLANs, internal (192.168.26.0/24) and external (192.168.227.0/24). In the external we have a standard virtual server (192.168.227.11) with a SMTP pool with two servers in the internal VLAN (192.168.26.11 and 192.168.26.12). We have SNAT Automap disable because we want to keep the original source IP, so SMTP servers have its default gateway on F5 (192.168.26.1). This works OK. The problem is about outbound traffic. For example, when SMTP server tries to send outbound traffic to Internet or Exchange servers, through F5, it doesn’t work. We know internal servers can reach F5 SMTP internal floating ip (192.168.26.1) by ping, but it seems it doesn´t know what to do with traffic originated on SMTP servers, or where to send it. It also happens with any connection started in the server. We have tried to configure a 0.0.0.0/0.0.0.0:any virtual server forwarding IP enabled on internal VLAN but it doesn’t work. Traffic reaches F5 (we show IN traffic statistics), but doesn’t continue to the external VLAN. We have also tried with a default route too (0.0.0.0/0 -> 192.168.227.1), but it doesn´t work. Could you help us? Thank you very much!
Difference between TCP monitor and SMTP monitor
Hi. Will anyone be able to explain to me the difference between the normal TCP monitor (Alias port 25) and a SMTP type monitor? For both type of monitor: 1. Will F5 close the connection gracefully (send a reset packet) or does it let the connection timeout/expire ? What exactly does the SMTP type monitor do? Does it sends a HELO to the email server?iRule to modify SMTP mail content
Hi, We have an requirement, where in we need to inspect the incoming SMTP message, look for a particular string and based on that modify the mail content. I have written the below iRule but this is not working. The CLIENT_DATA event is being triggered. I refered to the SMTP proxy iRule provided in this link(https://devcentral.f5.com/wiki/iRules.SMTPProxy.ashx?NS=iRules). I am not sure if i am missing anything here. when CLIENT_ACCEPTED { TCP::respond "220\r\n" TCP::collect 2000 } when CLIENT_DATA { set cdata [TCP::payload] if { $cdata starts_with "DATA" } { if { [string match "Exchange2010R2" $cdata ]} { string map {"Sent From:" "Sent From:\nExchange 2010 R2 Server\n"} TCP::payload } } TCP::release TCP::collect } Thanks in Advance. Ajay
Invalid response SMTP server
Hi, We are using 11.4.1 HF8 on a 4200 BIG-IP. I am trying to configure email alerts for snmp traps using user_alert.conf. When I am trying to send a test mail using echo "ssmtp test" | mail -vs "test mail" xxx@domain.com it is giving me Invalid response SMTP server. Please let me know if I am doing anything wrong and how can I fix this. Thanks, Sekharirule for SMTP
Hi Everyone, we have an ongoing testing and this is the irule that we currently have. when CLIENT_ACCEPTED { log local0. "Client_ACCEPTED_HIT: IP address:[IP::client_addr]" TCP::respond "220\r\n" TCP::collect } when CLIENT_DATA { log local0. "Client_DATA_HIT: IP address:[IP::client_addr] Data: [TCP::payload]" if { [TCP::payload] contains "gmail.com" or [TCP::payload] contains "google.com" } { pool testtesttest log local0. "cdata_FOUND: IP address:[IP::client_addr] Dest IP:[server_addr]:[server_port] Data: [TCP::payload]" } TCP::release TCP::collect } the scenario is, when an email is sent using gmail, the traffic should go to testtesttest pool however, this does not work as based on the statistics, testtesttest statistics does not increase. It seems that the traffic goes to the default pool. Upon checking the /var/log/ltm directory, we can see this error: CLIENT_DATA> - no serverside connection established (line 4) invoked from within "server_addr" is this related to the irule why the traffic is not directed to the specified pool? are there any error with the script in the iRule? Any help will be very much appreaciated. Thank you.
Bigip mgmt port using tls 1.0 for smtp connection
Hi, We running 15.1.5.1 We did the smtp config from GUI and used the test button - we usue mgmt port for this config - it keeps using tls 1.0 but our mimecast server supports tls 1.2, how can i make the mgmt port use tls 1.0 for this connection? The client hello shows it using tls 1.0.. i cant find any option to change this!
SMTP source IP address
Hi, We are implementing email notification for expiring certificates. Our internal SMTP server requires to whitelist source IP's. Question: When configure SMTP on F5, what's is the default source IP email's get sent from? I thought its probably the self IP..but what if we have multiple? Can we set a specific IP? Thanks, Stefan
Can't delete deployed iApp
I'm trying to delete an iApp that I deployed but get an error when I try: 01070083:3: Monitor /Common/SMTP-Int.app/SMTP-Int_smtp is in use. I've tried unchecking strict updates, delete the monitor and then the iApp but I get a different error then. Ideas? I'm using this iApp: SMTP iApp https://devcentral.f5.com/codeshare/smtp-iapp-template-early-release