PMG with 2 nics

H

hsv

Active Member
Dec 26, 2019
5
0
41
57
Hi
I would like to setup PMG with 2 NICs. One for outside (NIC1) and one for inside (NIC2). Both setup with port 25 and 587.
NIC1: 10.0.1.25/27 (port 25/tcp and 587/tcp) <-> PMG <-> NIC2: 10.0.2.25/27 (port 25/tcp and 587/tcp)
I can see how to configure the 2 NICs, but I can not see how to set the port numbers on both NICs with 25 and 587
I have read the documentation but have not found what I am searching for.

Have any an idear how to get this to work.

Regards
Henning
 
you would need to adapt the postfix configuration for this - specifically the master.cf.in template:
https://pmg.proxmox.com/pmg-docs/pmg-admin-guide.html#pmgconfig_template_engine

in the default config it lists the internal and external port - in your case you need to adapt it to list the different IP-addresses and port combinations

Just to have mentioned it explicitly - port 587 (submission) usually has SMTP-AUTH running - while PMG, which is meant to be run as a proxy between the internet and your mailserver does not offer SMTP-AUTH.

I hope this helps!
 
Thanks Stoiko for the reply. 50% of the mails, I recieve, are over 587. So if I understand your reply correct PMG cannot be used for checking for spam and virus if it will be send over 587/tcp, but only if it send over standart SMTP (25/TCP). Is that correct understod.

As fare I understand Postfix, do support 587 submission and SMTP-AUTH if "Cyrus SASL" has been built into Postfix.
If I run postconf -a I get:
cyrus
dovecot
So no SASL

Have Proxmox any plans to include "Cyrus SASL" in furture version of PMG? It semse like a minor update to your product to include SASL in the built.

Regards
Henning
 
hsv said:
Thanks Stoiko for the reply. 50% of the mails, I recieve, are over 587. So if I understand your reply correct PMG cannot be used for checking for spam and virus if it will be send over 587/tcp, but only if it send over standart SMTP (25/TCP). Is that correct understod.
Click to expand...
not quite - PMG is not meant to be used as sending server for end-users (those mails are usually sent over 587) - but as a proxy between your mail-server (where end-users send their mail) and the internet.
You can configure PMG both to listen on port 587, and to do smtp-auth- however PMG does not offer an authentication database for those senders, you'd have to also manually configure one.

hsv said:
As fare I understand Postfix, do support 587 submission and SMTP-AUTH if "Cyrus SASL" has been built into Postfix.
Click to expand...
the postfix is the version from Debian, and it does support SMTP-AUTH (but read above - you have to create the authentication database and configuraiton yourself)
 
You must log in or register to reply here.
Top Bottom