#---------------------------------------------------------------- # This file explain how to set Clement to handle E-mail # from the external world while nothing is changed to # the current SMTP daemon configuration. #---------------------------------------------------------------- #---------------------------------------------------------------- 1. Principle: By default, Clement is listening on port 2525, you need to accept and redirect all external request to that port. To do so, you need to add rules to your current IPTABLES definitions. 2. iptables rules. Currently you have something like this to handle E-mail traffic. modprobe iptable_nat iptables -I INPUT -i eth0 -p tcp --dport smtp -j ACCEPT you need to add following rules iptables -I INPUT -i eth0 -p tcp --dport 2525 -j ACCEPT iptables -I PREROUTING -i eth0 -p tcp --dport smtp -j DNAT -t nat -- to <ip_on_eth0>:2525 PREROUTING directive is to have all EXTERNAL smtp request redirected to port 2525. As an example if you are using /etc/sysconfig/iptables to store the firewall rule, add the following at the end of the file: *nat -A PREROUTING -i eth0 -p tcp --dport 25 -j DNAT --to IP.ON.ETH.0:2525 COMMIT 2. Testing. To test if everything is working fine, first, while being on the server itself, do from command line "telnet 'your_eth0_ip' 25" A prompt about your usual SMTP daemon should be returned (then type QUIT) second, while being on an external client, do from command line telnet 'your_eth0_ip' 25 A prompt like: 220 reverse_address ESMTP clement-2.0-XXX; Mon, 03 Oct 2005 14:47:52 -0400 will be displayed (the type QUIT) This prove your standard SMTP daemon is still working while Clement is able to trap All external E-mail for diligent checking before dispatching them to standard SMTP daemon. #----------------------------------------------------------------