Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Communication to SMTP relay denied by Traffic rules
  •  
Dukeman

Messages: 57
Karma: 6
Send a private message to this user
I've upgraded to the latest version this morning (8.0.1, previous was 7.4.1) and since seeing the following messages in the Warning log:

Communication to SMTP relay denied by Traffic rules

I've never seen this message in the previous versions and when I send a test message from Control, this is send successfully. All the necessary traffic rules to send and perform DNS queries are available for Control.

Has anyone seen this before or this is an error?
  •  
tauseef-it

Messages: 18
Karma: 2
Send a private message to this user
do you have your own email server ? or receiving mail directly through hosting server??
could you please provide traffic rule details ??
  •  
Dukeman

Messages: 57
Karma: 6
Send a private message to this user
Thank you for your response!

I've got my own mailserver running in the LAN behind the FW.

There is a rule for the firewall which allows traffic from the firewall to this mailserver for the SMTP service, and an other rule which allows SMTP traffic from the internet to this mailserver.

However, I saw the warnings the same and next after upgrading to the 8.0.1 version. After that I've not seen the message again, so the problem (so far) has been 'solved'.

If it's coming again I will report here, but for now the topic can be closed...
  •  
Dukeman

Messages: 57
Karma: 6
Send a private message to this user
I've found the logline again and found out when it appears: after updating the rulebase.

Everytime when I change something in the Firewall rules and apply these changes, the line in the log is written. Testing the SMTP settings gives me a fresh e-mail in the mailbox, so there are no problems.

Probably a bug I guess...
  •  
silars

Messages: 429
Karma: 59
Send a private message to this user
Do you need that rule for the Firewall->Mailserver? I'm guessing you may not need that and it is confusing Control for some reason.
  •  
Dukeman

Messages: 57
Karma: 6
Send a private message to this user
I want the firewall to sent me e-mails reports and alerts (new version etc), so therefor the rule for Firewall> mailserver exists.
  •  
silars

Messages: 429
Karma: 59
Send a private message to this user
If the mailserver is on a trusted interface, you shouldn't need this rule though. I do the same thing, but I don't have a specific rule to allow Firewall->Mailserver connectivity.

Would the email reports/alerts not work until you put that rule in place? Have you tried it with that rule unchecked?
  •  
Dukeman

Messages: 57
Karma: 6
Send a private message to this user
I've made a rule with only those connectiontypes the firewall needs to create to my internal network (on which the mailserver exists), nothing more (dns & smtp).
I've temporarily changed the rule to allow access to the trusted interfaces, but the message is still logged into the logfile, everytime I press apply in the rulebase.
  •  
tauseef-it

Messages: 18
Karma: 2
Send a private message to this user
Do you want to receive mail server alerts or kerio alerts ??

if you want to receive kerio alerts? set SMTP relay under advance options, also check accounting.
  •  
Dukeman

Messages: 57
Karma: 6
Send a private message to this user
Alerts and reports are working fine, all is setup correctly and working.

It's the logline that bugging me...
  •  
silars

Messages: 429
Karma: 59
Send a private message to this user
My suspicion is that the rule restricting access to your internal network is what is causing the log message. While not accurate, it may be based on a simple check to see if the firewall has full access to the internal network.

I've included my Firewall traffic rules. I believe these are default.

  •  
Dukeman

Messages: 57
Karma: 6
Send a private message to this user
The problem is still occuring in the latest version (8.2.2).
I've set the mailserver address to an IP address and added content rules to allow the Firewall to access the mailserver (the rule is also based on IP address).

Rule:
Source: Firewall
Destination: IP Mailserver
Service: SMTP
Action: Allow



Mail can be send without any problem (testmail, report, viruswarnings), but every change I make in the config, creates a logline in the warning log: "Communication to SMTP relay denied by Traffic rules".

Previous Topic: 8.3 Reverse Proxy - How to setup?
Next Topic: Log DHCP leases automatically
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sun Nov 19 11:46:06 CET 2017

Total time taken to generate the page: 0.00540 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.