Bypass SMTP profile for one IP

Question

Hello,
Can you help me with irule which would bypass LTM SMTP profile for one specific ip address?
I begin with&nbsp;
when CLIENT_ACCEPTED {
 if { ([IP::client_addr] == "192.168.5.6%3") }{&nbsp;
and now I dont know how to match and bypass smtp profile called "smtp-prof"&nbsp;
thank you very much
 Martin &nbsp;

rico · Answer

Martin, 
You could try using the 'SMTPS::disable' command. The iRule would look something like this.
when CLIENT_ACCEPTED 
{ 
    if { ([IP::client_addr] == "192.168.5.6%3") }
    {
        SMTPS::disable
    }
}

kai_wilke · Answer

Hi Martin,
there exists unfortunately no command to detach an assigned SMTP profile. But you may try the iRule below to disable the PSM functionality of the SMTP via the [PSM::SMTP::disable] command. 
https://support.f5.com/csp/article/K10987
Note: The documentation of this command is not maintained anymore, so I dont know if this still works out on latest builds...
when CLIENT_ACCEPTED { 
    if { [IP::addr [IP::client_addr] equals "10.10.10.0/24"] } then {
        PSM::SMTP::disable
    }
}

If this iRule does not workout, you may deploy a front-ending VS wich parses the connecting client IPs and then forwards the request either to a SMTP profile enabled VS or a nacked VS in a VIP-targeting-VIP setup...
https://devcentral.f5.com/wiki/iRules.virtual.ashx
Cheers, Kai

Forum Discussion

Bypass SMTP profile for one IP

2 Replies

Recent Discussions

F5 terminal - help to run commands - disk space full

vulnerabilities-CVE-2020-16150 & CVE-2013-0169

google autenticator broken barcode

Error while running ansible

ASM instance creation

Related Content

SMTP Smugglers Blues

SMTP Proxy

What is SMTP Smuggling and how can you deal with it?

Bypass certificate check

SSL Profiles