access external mail ( pop using outlook) with a linux gateway

Posted on 2005-05-08
Medium Priority
Last Modified: 2010-05-18
i have a cable modem that is connected to a linux machine ( the gateway). I configured squid on that machine and everything works properly, except i cant access my external mail using outllok or other mail client.

i appreciate any help,
Question by:cabir
LVL 40

Accepted Solution

jlevie earned 172 total points
ID: 13954637
Squid can't proxy POP, IMAP, or SMTP traffic. To allow those you need to configure a NAT'ing firewall on the Linux box to allow direct Internet access from the inside clients.

Assisted Solution

apsivam earned 164 total points
ID: 13959037
if you are not familiar with linux iptables to setup NAT use firestarter you can get it from the following url http://www.fs-security.com/ it helps you to configure NAT using an easy GUI.


Author Comment

ID: 13959637
I´d like to configure my linux box to allow POP, IMAP or SMTP traffic. I found a lot of iptables rules and I can now access POP, but with it I can´t surf the web.

I think the firewall must have a rule allowing SQUID, if so, how is that?

thanks for the tips,
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

LVL 19

Assisted Solution

by:Gabriel Orozco
Gabriel Orozco earned 164 total points
ID: 13960247
once you have setup your linux box as NAT with iptables, you should be able to surf the web, provided you have correctly specified the DNS' on your client.

if you want IPTables still acelerating your connection, you will need

a) to maintain the browser setup specifying the proxy data


b) to setup a transparent proxy in iptables and in squid.

for squid transparent proxy, add these lines to squid.conf:

# Para  el proxy transparente
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

for iptables to redirect any web access to squid:
(use the example and fill your own network)
$ipt -t nat -A PREROUTING -p tcp -s $LAN  --dport 80 -j REDIRECT --to-port 3128
don't forget to add correct dns data on your clients.
to setup a dns-cache on your linux box, just start named. then you can use the ip of your linux box as DNS.
if you are using a redhat like distribution, use:

chkconfig --level 345 named on

Author Comment

ID: 14008965
I could set up my linux box to allow mail and web access. I have one last problem, the default gateway of my network is a windows server 2003, from that machine i can access everything, but from any client on the network i only access web ( through squid).

LVL 19

Expert Comment

by:Gabriel Orozco
ID: 14011409
well you need to edit routes and give the route to netmask to the linux box on your windows gateway

Author Comment

ID: 14024916
the clients of my dhcp server ( a ws2003 machine) can´t get the default gateway ip. it only get ip address and netmask, but no default gateway.
when i set up that information manually everything works properly. what to do to clients get the default gateway value?...

LVL 19

Expert Comment

by:Gabriel Orozco
ID: 14026837

add this to your subnet definition

# The Gateway for the local network
option  routers ip.of.your.router;

and maybe you'll need this too:

option domain-name-servers ip.of.your.dns;

Featured Post


Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question