November 24, 2024, 05:11:52 PM

News : LinuxSolved.com Linux Help Community Forum..


Author Topic: Configuring Squid Outlook to access Remote mail server.  (Read 26704 times)

Offline ashwin_ice

  • Linux Noob !
  • *
  • Posts: 10
Configuring Squid Outlook to access Remote mail server.
« on: December 30, 2003, 10:25:35 AM »
Hi Ricky,


               I'm running Squid Proxy 2.4 Stable 7 on a Native Windows 2000 Domain network. The Red Hat 8.0 box with two NIC's running this proxy is my Gateway for the Win2k Clients the eth1 = ISP's IP and eth0 = Internal IP.

Squid's running just fine with a 128 KBps connection and I use Webmin to configure the same. Now all my clients have statically assigned IP's because of some application requirements so I cannot use a NAT. Now Firstly, I need Only my Mobile users with Notebooks with MS OUTLOOK to access the remotely hosted mail server(POP3, SMTP) directly i.e I'm unable to do this for obvious reasons for now with Squid. Is there any way I can Configure these notebook users Outlook to connect to Squid and Pull and send their mails directly as they would've otherwise done with a Dialup connection from anywhere outside.

Secondly, please dismiss this question at your discretion as its not that important....  I was wondering that Like Win2k RRAS can I use the Linux Box as a Router so as to allow all my Clients to access the Gateway directly.

Kind Regards and thankin you in advance

Ashwin  :)

Offline Ricky

  • LST CareTaker
  • Specially Skilled
  • *****
  • Posts: 2381
Configuring Squid Outlook to access Remote mail server.
« Reply #1 on: December 30, 2003, 12:45:01 PM »
Ya.. infact very simple.. and squid is best...

What you need is to use transparent proxy.. instead of simple proxy..
To know how to configure.. See other threads about transparent proxy.. you will then fine all answer to you questions.. also for routing.. ..
Tell me. if you get..

Offline ashwin_ice

  • Linux Noob !
  • *
  • Posts: 10
Configuring Squid Outlook to access Remote mail server.
« Reply #2 on: January 03, 2004, 05:29:58 AM »
K Thanks, Ricky will keep u informed as regards the progress  :) And there's just one more question I wanted to ask you.. Is there a way to configure a Router on Linux using "softwall express" as we have RRAS in Win2kServer.. I'm currently studying the softwall docs and lets hope I can get this thing configured.. MY ISP's given me a IP on his private network whose subnet mask is different from mine and thats where Squid's comming to my Rescue. If this works well I would even contemplate trying the Failover router option in Linux :).. Thanks again and if you have any Questions as regards Win2k Server or ADS wwhich I suppose would be very less likely but... please do let me know and I'll do my best to help

Kind Regards

Ashwin

Offline Ricky

  • LST CareTaker
  • Specially Skilled
  • *****
  • Posts: 2381
Configuring Squid Outlook to access Remote mail server.
« Reply #3 on: January 03, 2004, 07:05:06 AM »
Thank you! man for ur proposal for help.. i ll sure ask u if i need help.. now regarding ""softwall express" i am not getting idea abt it..
For configuring linux as router u have to just enable iprouting that is so simple..  and also a firewall..

I think i m not getting wth u ask or i donno about it...

Offline ashwin_ice

  • Linux Noob !
  • *
  • Posts: 10
Configuring Squid Outlook to access Remote mail server.
« Reply #4 on: January 03, 2004, 10:10:01 AM »
Hi Ricky, I've been just reading the www.smoothwall.org manuals and they require me to adopt DHCP to assign dynamic IP's to my clients and thats something that I cannot do since My Client's IP's are statically assigned. Now I'll be a bit more specific about the prob. My ISP has assigned me a IP on his network ie say like 10.10.121.0 network and mines on 192.168.0.0 and this Linux MAC with the Squid has these two Nic's assigned with the same. Now I read about the Transparent IP caching and that does sound exactly like what I need but I hope whats written below holds true:

Configuring Squid

You need at least Squid 2.X to use transparent proxying. Once you have it installed and running, little additional configuration is required. Edit /etc/squid/squid.conf and make the following changes.

httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

After you’re done, restart Squid with

/etc/rc.d/init.d/squid.init restart

Client configuration

The best part of the client configuration is that there’s none. Clients think that they’re directly connected to the Webserver, without an intermediate proxy server in between. This means that you can use almost any type of client from behind your firewall, even if it doesn’t have proxy or firewall support.


Now after reading the above I configued my Squid.conf likewise and tried downloading mails off the remote server From Outlook... What happened was I got this error:

The Host 'mail.xyz.com'  could not be found. Protocol:POP3, Port:110, Secure (SSL): No, Socket error: 11001, Error Number:0x800CCC0D

and I'd read in once place... that if one wanted to Install the transparent PRoxy option it needs to be configured in the kernel... and if it is not then I'd hsvr to recompile the kernel...  :?

Offline Ricky

  • LST CareTaker
  • Specially Skilled
  • *****
  • Posts: 2381
Configuring Squid Outlook to access Remote mail server.
« Reply #5 on: January 03, 2004, 12:48:42 PM »
Well you are getting confused..
Well tell me what is your distribution. ?? If any of the latest then no problem ..

Now first give these topics a look.. http://www.linuxsolved.com/forums/viewtopic.php?t=86
and
http://www.linuxsolved.com/forums/viewtopic.php?t=42

In both see my posts for configuring transparent proxy with the squid.conf in other thread..   Now.. try that.. then tell me..

Also if you have installed the squid from rpm .. unistall it and install it by source code..   using the following argument to enable transparency..
Code: [Select]
./configure --enable-linux-netfilter
But as far as i know rpm packages are now compiled with that option already enabled...

Offline ashwin_ice

  • Linux Noob !
  • *
  • Posts: 10
Transparent Proxy Configured
« Reply #6 on: January 06, 2004, 08:34:13 AM »
Dear Ricky,


                  Thanks to your Previous posts and the Squid Proxy config manual, I've managed to set up Transparent Caching using the following

Port redirection

iptables -t nat -A PREROUTING -p TCP --dport 80 -j REDIRECT --to-port 8080

The above rule redirects port 80 requests, irrespective of source ip address to port 3128 (or whichever port in which squid is running in transparent mode). 8080 My Port specified.

IP-Masquerading

iptables -t nat -A POSTROUTING -p TCP -s 0/0 --dport 21 -j MASQUERADE

iptables -t nat -A POSTROUTING -p TCP -d 0/0 --dport 20 -j MASQUERADE

iptables -t nat -A POSTROUTING -p TCP --dport 25 -j MASQUERADE

iptables -t nat -A POSTROUTING -p TCP --dport 110 -j MASQUERADE

iptables -t nat -A POSTROUTING -p TCP --dport 22 -j MASQUERADE

iptables -t nat -A POSTROUTING -p TCP --dport 23 -j MASQUERADE

 and in the Squid.cache

To Run Squid in a transparent mode, enable the following directives in Squid.conf.

httpd_accel_host virtual

httpd_accel_port 80

httpd_accel_with_proxy on

httpd_accel_uses_host_header on

Now after having put in these configurations  

I Set the IP Gatway on the clients to that of the Squid server

The Outlook clients on the Win2k Clients can now pass traffic through the squid server and have their mail requests to the Remote mail server. This was only pertaining the Laptop users who maintain all their mails on their Laptops whether they connect usin the Squid server or from anywhere Outside using dialup.

Now for the rest of the lan users we download mails on to our own POP3(VPOP3) and SMTP(Wndows SMTP Server) Windows 2k Polling server and relay the mails to their respective Win2k clients. Now when I configure the IP Gateway of this POP3 and SMTP Server to use Squid, it does not seem to connect, neither does it POLL, I'll draw a diagram and mail it to you... so you'll be a bit more clear about this...

Kind Regards

Ashwin[/img][/b]

Offline Ricky

  • LST CareTaker
  • Specially Skilled
  • *****
  • Posts: 2381
Configuring Squid Outlook to access Remote mail server.
« Reply #7 on: January 06, 2004, 09:27:04 AM »
hmm... waiting for mail.. and i think i should now write a tutorial for setting up squid as well as transparent proxy... but send it to mail i am giving to u in pm.. only..

Offline ashwin_ice

  • Linux Noob !
  • *
  • Posts: 10
Configuring Squid Outlook to access Remote mail server.
« Reply #8 on: January 06, 2004, 06:52:36 PM »
Thanks Ricky, so lemme see what I can do with this IPTABLES stuff..., and wouldn't Masquerading help. That would help protect my inner network.. right I mean thats not a Priority an can do without that for now..
So the part I'd done before I guess was correct and all I had to do was define the gateway... without filling in the proxy port in the browser... but then I wonder why was the VPOP 3 server not forwarding anythin... I set the nat to forward SMTP and POP3 traffic.. right.. or is it beacuse HTTP is still with Squid :| ? I mean um sorry I might be making things more complicated, but I'll do wot ya told me to n get back to ya.. k tahnks again...

Regards
Ashwin

Offline ashwin_ice

  • Linux Noob !
  • *
  • Posts: 10
Configuring Squid Outlook to access Remote mail server.
« Reply #9 on: January 08, 2004, 02:57:45 PM »
Dear Ricky,

                 Something's not working again. I've done the following you'd asked me to do:

In /etc/rc.d/rc.nat and a entry for the same in /etc/rc.d/rc.local

Code: [Select]
#!/bin/sh

iptables=/sbin/iptables

$iptables --flush -t nat

iptables --table nat --append POSTROUTING --out-interface eth1 -j MASQUERADE

iptables --append FORWARD --in-interface eth0 -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward

And despite configuring this, Ricky I still cant browse from client ends despite disabling the clients from using proxy ports. I havn't used the Redirect HTTP to 8080 (or 3128) I've removed the foll Transparent Proxy lines form squid too so it would not cause any impediments.
Code: [Select]
httpd_accel_host virtual

httpd_accel_port 80

httpd_accel_with_proxy on

httpd_accel_uses_host_header on

and I dont want SQUID working so I'll try stopping the service next time.
and am not using redirecting of port 80 HTTP to Squid either.

Code: [Select]
#Not Used
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080

Secondly once this gets working which I'm sure it will thanks to your guidance now and that which you would be giving, just a question i had in mind... Is it like we're Masquerading packet IP's with Source NAT and Forwarding Internal bound traffic, we're usin drop to not forward those PORTS specified.. right?

Offline Ricky

  • LST CareTaker
  • Specially Skilled
  • *****
  • Posts: 2381
Configuring Squid Outlook to access Remote mail server.
« Reply #10 on: January 08, 2004, 05:51:25 PM »
I think you should give a look to it. .. .
http://www.linuxsolved.com/forums/viewtopic.php?t=115
And
http://www.linuxsolved.com/forums/viewtopic.php?t=116

Offline ashwin_ice

  • Linux Noob !
  • *
  • Posts: 10
Configuring Squid Outlook to access Remote mail server.
« Reply #11 on: January 12, 2004, 06:26:27 AM »
Thanks ricky the tutorial served to be good. As you'd said rightly I was confusing the netfiler commands for Transparent Squid and NAT. Now the router is up and working and all my Clients can access the web without any problems including the POP3 polling server. I guess what i need is Good firewall Policies which I need to get down to as you've also mentioned in the tutorial. I'm reading Netfilter with a lot more interest this time. and the best thing I like about IP tables is that you can flush and easily reconfigure and I guess I better try all experimentation on non working days and I guess I'll look up for help down here in case I get Stuck...

Thanks to You once agin Ricky for being patient and helpful as well as LinuxSolved... an excellent platform that Linux newbies can look up to . You Guys r simply GREAT !!!!

Offline bahram741413

  • Linux Noob !
  • *
  • Posts: 5
Configuring Squid Outlook to access Remote mail server.
« Reply #12 on: January 18, 2004, 05:25:22 AM »
hi 2 all
I have squid proxy server in my office and my user authenticate with ncsa. Is it possible for me to allow my user that use outlook ? ( i can't use transparent squid )

Offline Ricky

  • LST CareTaker
  • Specially Skilled
  • *****
  • Posts: 2381
Configuring Squid Outlook to access Remote mail server.
« Reply #13 on: January 18, 2004, 09:59:42 AM »
bahram ! you have asked this question at two place.. Please ask at one place only . See the following.. http://www.linuxsolved.com/forums/viewtopic.php?p=511