I use the SMTP proxy in internal mode, with "Internal networks" specified under Mail Security - SMTP - Relaying - Host-based Relay - Allowed hosts/networks to allow my internal SMTP server to send outbound emails, and any visiting mail clients on the local network to connect directly to external SMTP servers.
This was working perfectly under 8.203, but since upgrading to 8.301 this afternoon, all outbound mail is being rejected by ASG:
I tried removing "Internal networks" and replacing it with specific host definitions, but nothing seems to work - everything is rejected unless it's addressed to one of my internal mail domains, in which case it's forwarded back to my internal server (as it should be).
The only way I've been able to get outbound mail going again is to add "Internal networks" to Mail Security - SMTP - Advanced - Transparent Mode - Skip transparent mode hosts/nets and check "Allow SMTP traffic for listed hosts/nets". This works, but I regard it as suboptimal because I would still like outbound mails to be scanned for spam / virus / etc, in case a local host were to be compromised. And besides, it damned well oughta work! :)
I consider this to be a bug (or at the very least, an undocumented regression), but I'm not a paying customer so I can't raise a ticket. Anyone else seeing similar behavior?
This was working perfectly under 8.203, but since upgrading to 8.301 this afternoon, all outbound mail is being rejected by ASG:
Code:
2012:03:10-23:08:52 astaro exim-in[6452]: 2012-03-10 23:08:52 SMTP connection from [192.168.0.4]:62010 (TCP/IP connection count = 1)
2012:03:10-23:08:52 astaro exim-in[25464]: 2012-03-10 23:08:52 H=sniktevista.snikte.net ([127.0.0.1]) [192.168.0.4]:62010 F=<ec*****@austin.rr.com> rejected RCPT <test@example.com>: Relay not permitted
2012:03:10-23:08:52 astaro exim-in[25464]: 2012-03-10 23:08:52 SMTP connection from sniktevista.snikte.net ([127.0.0.1]) [192.168.0.4]:62010 closed by DROP in ACLThe only way I've been able to get outbound mail going again is to add "Internal networks" to Mail Security - SMTP - Advanced - Transparent Mode - Skip transparent mode hosts/nets and check "Allow SMTP traffic for listed hosts/nets". This works, but I regard it as suboptimal because I would still like outbound mails to be scanned for spam / virus / etc, in case a local host were to be compromised. And besides, it damned well oughta work! :)
I consider this to be a bug (or at the very least, an undocumented regression), but I'm not a paying customer so I can't raise a ticket. Anyone else seeing similar behavior?