From: "Steven Levine" Received: from [192.168.100.201] (HELO mail.2rosenthals.com) by 2rosenthals.com (CommuniGate Pro SMTP 5.4.10) with ESMTPS id 7892487 for ecs-isp@2rosenthals.com; Thu, 14 Sep 2023 11:24:14 -0400 Received: from [192.168.200.201] (port=55301 helo=mail2.2rosenthals.com) by mail.2rosenthals.com with esmtp (Exim 4.96) (envelope-from ) id 1qgoCP-0006vw-3B for ecs-isp@2rosenthals.com; Thu, 14 Sep 2023 11:24:10 -0400 Received: from mta-101a.earthlink-vadesecure.net ([51.81.61.60]:52229) by mail2.2rosenthals.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.96) (envelope-from ) id 1qgoCN-00014y-1V for ecs-isp@2rosenthals.com; Thu, 14 Sep 2023 11:24:07 -0400 DKIM-Signature: v=1; a=rsa-sha256; bh=HxhkRE9U8sfl/d8Cgxag2KHZIUOSChP4XFibWa /xxVs=; c=relaxed/relaxed; d=earthlink.net; h=from:reply-to:subject: date:to:cc:resent-date:resent-from:resent-to:resent-cc:in-reply-to: references:list-id:list-help:list-unsubscribe:list-subscribe:list-post: list-owner:list-archive; q=dns/txt; s=dk12062016; t=1694705046; x=1695309846; b=PNnORvp6QxW2fbwqwFoveD9rSvB6ZSQBDrIal8GN7MEI3GF87pZWhR6 Szk1IpamKuOM1rSp7zKYs/gIzTjJ2wkjoP/pZbnfvgBGiQyYz93Qg9IhxEDvEC7nGVKGzOL elwiIQhGZAFEGnTSBts+yaL1xnN8ijVhx+nvBLgputXuTF5LrGKqujOX0eQszSO5R6vF7wd OdokUu8RcWVViiCwUO9p7xsA01O+iR66ei64xwpAcvZowXQ1oU8arE6vYd7OKB5IkqYgRdf uIMdYKnvy3vhqDJj8tPAkrjW1ElEfmpZ/WAbiEKOm3mIrjrv/dHugUxxUkvwVvRSYGjnDtA 8YA== Received: from slamain ([108.193.253.100]) by vsel1nmtao01p.internal.vadesecure.com with ngmta id 1971fa43-1784cd42cc5a81b3; Thu, 14 Sep 2023 15:24:06 +0000 Message-ID: <65032288.22.mr2ice.fgrirsq@earthlink.net> Date: Thu, 14 Sep 2023 08:11:04 -0700 To: "eCS ISP Mailing List" In-Reply-To: Subject: Re: [eCS-ISP] stunnel 5.58 help X-Mailer: MR/2 Internet Cruiser Edition for OS/2 v3.00.11.24/60 In , on 09/14/23 at 11:38 AM, "Massimo S." said: Hi Massimo, >If i use IF, the 587 will still be visibile from my internal LAN? It depends on what you mean by visible. If you block incoming 587 traffic from the WAN with Injoy, that traffic will not reach the LAN. However, clients running on the LAN can generate traffic and 587 and this traffic will be visible to anything listening to 587. >At the moment 587 is also used with STUNNEL for SMTPS (submission), but >it's still visible from my LAN. This depends on your stunnel config which you have not shown. What are your stunnel accept and connect settings for the smtps service? Steven -- ---------------------------------------------------------------------- "Steven Levine" Warp/DIY/BlueLion etc. www.scoug.com www.arcanoae.com www.warpcave.com ----------------------------------------------------------------------