How to configure an RB750 for e-mail?

ramon82 · October 28, 2011, 10:18am

Hi all - I ve installed an RB750 router between the Internet and the mailserver and I wish to set it up for e-mail access and webmail ie: allow access to these ports:

http 80 for mail server
smtp 25 for spam filter
pop 3 for mail server
dns 53 for 0.0.0.0

drop everything else…

can anyone help me do it?

thanks

ramon82 · October 28, 2011, 1:46pm

I have tried to configure it but something is wrong as it is not working. Interfaces ping OK but that’s it…mails wont go through and neither send.

Can you please check attached config and get back to me?

192.168.0.10 - Mail server
192.168.0.20 - Anti Spam
192.168.0.100 - Internal IP
195.123.43.219 - Public IP
Copy of myconfig.rsc (12.4 KB)

Feklar · October 28, 2011, 2:39pm

You have the traffic on the wrong chain in your firewall.
http://wiki.mikrotik.com/wiki/Manual:IP/Firewall/Filter#Chains

1.) Input is for traffic that is destined to the router, forward is for traffic that is going to go over the router. Move the accept rules to forward. You also have no default drop rule on forward, so you don’t even really need the accept rules in that case unless you add one in.
2.) Where are you trying to access the server from? Behind your router? If that’s the case, NATing back to the same subnet you are on doesn’t work too well, it is easier and cleaner to place the server(s) on a different subnet and have them in a kind of a DMZ. If you have you have to keep them on the same subnet, use hairpin nat.
http://wiki.mikrotik.com/wiki/Hairpin_NAT

ramon82 · October 31, 2011, 9:58am

Thanks but I am very new to this stuff and got no idea how to do what you said…

can you type a few lines here to direct me on how I could do it???

thanks

Feklar · October 31, 2011, 1:14pm

I need more information if you expect me to be able to do that then. If you read the Wiki pages they give very clear explanations of what each part does and also give clear examples of how they are used. Yes you may need to adjust them to fit your needs, but that’s how you learn.

If you answer point number 2, I can be of more help. If you don’t understand what I’m asking or what I’m saying, I would have to suggest that you read a book on basic networking because those are some very basic things.

ramon82 · November 3, 2011, 2:02pm

2.) Where are you trying to access the server from? Behind your router? If that’s the case, NATing back to the same subnet you are on doesn’t work too well, it is easier and cleaner to place the server(s) on a different subnet and have them in a kind of a DMZ. If you have you have to keep them on the same subnet, use hairpin nat.
http://wiki.mikrotik.com/wiki/Hairpin_NAT

Setup is as per attached…