Filter
Top Products
140 Administrator’s Guide SurfControl RiskFilter - E-mail V5.2.4
R
ISK
F
ILTER
S
YSTEM
M
ANAGEMENT
C
ONSOLE
The System Tab
5
MULTI GATEWAY POLICY ROUTING
This module sets up dynamic routing to preserve ipv4 source addresses.
Multi Gateway Policy Routng enables you to override the default gateway setting in your routing table.
Connections forwarded to RiskFilter will have their packets routed back through the source's configured
gateway. This is needed if these connections are from multiple mail servers which do not perfom SNAT
packet modifications. With this enabled, RiskFilter is able to see the original source of a forwarded
connection and route packets back through this gateway.
Multi-Gateway Policy Routing must have mail server(s) that support iptables, so that emails can be relayed
to RiskFilter before being forwarded.
To set up Multi Gateway Policy Routing:
1Select Multi Gateway Policy Routing in the System tab.
Figure 5 - 7 The Multi-Gateway Policy Routing screen
2 Select an Interface from the drop-down list box.
3 Enter the MAC address of the Gateway into the Ethernet (MAC) address field.
4 Enter the IP address of the Gateway into the IP Address field.
5 Click Add.
Caution: This should only be used if you are using NAT on your mail servers to forward mail
to RiskFilter.
Note: To test RiskFilter, run this command on the mail server:
iptables -A PREROUTING -t nat -p tcp -m tcp ! -s RF-IP --dport 25 -j DNAT. To use this feature,
you MUST run this command on the mail server.