[SOLVED] outgoing SMTP redirect

[narshlob]

Hey all,
I'm trying to get smtp redirects set up so that all outgoing smtp traffic from server .124 gets redirected to .127. I want a connection to be like this:
If I type

Code:

 telnet mx1.hotmail.com 25

I should see the greeting from the .127 server instead of hotmail's greeting.
Is there a way to do this?
I've been trying to get it set up through iptables on the .124 server. Here's the iptables config so far:

Code:

# Generated by iptables-save v1.3.5 on Thu Sep 23 10:55:27 2010
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [46806:2763003]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT 
-A FORWARD -j RH-Firewall-1-INPUT 
-A RH-Firewall-1-INPUT -i lo -j ACCEPT 
-A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT 
-A RH-Firewall-1-INPUT -p esp -j ACCEPT 
-A RH-Firewall-1-INPUT -p ah -j ACCEPT 
-A RH-Firewall-1-INPUT -d 224.0.0.251 -p udp -m udp --dport 5353 -j ACCEPT 
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT 
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT 
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT 
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT 
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited 
COMMIT
# Completed on Thu Sep 23 10:55:27 2010
*nat
-A PREROUTING -p tcp -m tcp --dport 25 -j DNAT --to 192.168.0.127:25
-A POSTROUTING -j MASQUERADE
COMMIT

Any help would be much appreciated.

[Lazydog]

How many interfaces does this box have?
Have a look at THIS for DNAT

[narshlob]

I actually solved this one. I needed to change the prerouting rule to an output rule
Here's my iptables-save
# Generated by iptables-save v1.3.5 on Thu Sep 30 08:18:52 2010
*nat
:PREROUTING ACCEPT [295909:53600838]
:POSTROUTING ACCEPT [12727873:766407621]
:OUTPUT ACCEPT [12639721:761118661]
-A OUTPUT -p tcp -m tcp --dport 25 -j DNAT --to-destination 192.168.1.127:25
COMMIT

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [2134578821:146706820426]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p esp -j ACCEPT
-A RH-Firewall-1-INPUT -p ah -j ACCEPT
-A RH-Firewall-1-INPUT -d 224.0.0.251 -p udp -m udp --dport 5353 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Thu Sep 30 08:18:52 2010


And it works!