[H-GEN] SMTP redirect

[Harry Phillips]

Michael Anthon wrote:
> 
>>I want to see what actually gets sent to the Kodak servers before they 
>>do what they do to it. I would like to know if the formatting of the 
>>message is done by the workstation or their servers.
> 
> 
> How about letting it send a picture and use tcpdump or similar to
> capture the traffic?
> 
> tcpdump -w - -s 0 > smtp.dmp
> 
> will capture a copy of the traffic into a file you can play with.
> There's a few ways to then get the actual data out of this (strings is a
> very quick and dirty way).  I find ethereal to be particularly good.
> 

That would only solve half my problem. I want it so that all outgoing 
traffic uses my internal SMTP server. I know it is overkill for my 
little home network but it is what I use to practice.

In the future doing this can be used to trap outgoing viruses that try 
to use an external SMTP server, the internal one could scan it before it 
leaves the network. That was just one example, another is that the 
workplace might want to keep internal traffic internal, no matter how 
much the user tries to get around it.

I have my postfix server configured so that if mail gets sent from one 
internal user to another it doesn't get sent to the external SMTP 
server, it goes straight into the others mailbox.

That is what I am trying to do here. I have tried the iptables rule I 
posted before, it doesn't work. I tried setting Postfix to run on port 
25 and 10025, I tested sending mail using port 10025 and that works. I 
then changed the iptables rule so that it looked like this:

$IPTABLES -t nat -A PREROUTING -i $INT_IF -p tcp --dport 25 -j REDIRECT 
--to-port 10025

I have a rule exactly the same that does tranparent proxying (using port 
80 and 3128, obviously) but the rule doesn't work for SMTP traffic. Can 
anybody help me out here?

-- 
Regards,
Harry Phillips
--- Failure is not an option,
     it comes bundled with your Microsoft product.