smtpd firewall rules...
Deepak Saxena
deepak@csociety.purdue.edu
Tue, 9 Jan 2001 03:16:38 -0500
I'm trying to get smtpd(postfix) to receive email from the outside
world but limiting my system to only accept things on certain ports
for security reasons. I've only got incoming ports 80(http), 25(smtp),
and 42(named, running my domain primary) open, and when I do a
telnet to port 25 on my machine, I get zip, zero, nada. If I open
up all incoming ports, I can connect with no problem. So there must
be something other than just port 25 that's required to access the
mail server...however, running ethereal on my outside ethernet card
shows no activity other than smtp and some outgoing DNS when I telnet
in with all ports open....so what am I doing wrong? Here's a
dump of my current IPCHAINS config:
[root@arrakis dsaxena]# ipchains -L
Chain input (policy ACCEPT):
target     prot opt     source                destination                      ports
DENY       tcp  ------  anywhere              anywhere                         any ->   0:1024
ACCEPT     tcp  ------  anywhere              dyn-dsl1-148-phx.bazillion.com   any ->   smtp
ACCEPT     tcp  ------  anywhere              dyn-dsl1-148-phx.bazillion.com   any ->   nameserver
ACCEPT     tcp  ------  anywhere              dyn-dsl1-148-phx.bazillion.com   any ->   www
Chain forward (policy ACCEPT):
target     prot opt     source                destination                      ports
MASQ       all  ------  anywhere              192.168.0.0/24                   n/a
MASQ       all  ------  192.168.0.0/24        anywhere                         n/a
Chain output (policy ACCEPT):
~Deepak
--
Deepak Saxena - deepak@csociety.purdue.edu - phone://602.790.0500
"Imagination is more important than knowledge" - Einstein
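
Added example (not part of the original post): ipchains walks a chain top to bottom and the first matching rule decides the packet, so rule order matters in the listing above. This Python sketch replays the posted input chain under that rule; the tuple layout, function names and the reordered chain are constructed for illustration, and it assumes the packet is addressed to the host named in the ACCEPT rules.

```python
# Input chain transcribed top to bottom from the `ipchains -L` output in the post.
# Service names resolved as in /etc/services: smtp=25, nameserver=42, www=80.
# Tuple layout (target, proto, low_port, high_port) is a constructed simplification:
# source is "anywhere" in every rule, and destination is assumed to match.
POSTED_INPUT_CHAIN = [
    ("DENY", "tcp", 0, 1024),
    ("ACCEPT", "tcp", 25, 25),
    ("ACCEPT", "tcp", 42, 42),
    ("ACCEPT", "tcp", 80, 80),
]
CHAIN_POLICY = "ACCEPT"  # "Chain input (policy ACCEPT)"

# Constructed ordering: same four rules, specific ACCEPTs ahead of the broad DENY.
REORDERED_CHAIN = POSTED_INPUT_CHAIN[1:] + POSTED_INPUT_CHAIN[:1]


def verdict(chain, proto, dport, policy=CHAIN_POLICY):
    """Return (target, rule_index) for the first matching rule, else (policy, None)."""
    for index, (target, rule_proto, low, high) in enumerate(chain):
        if rule_proto == proto and low <= dport <= high:
            return target, index
    return policy, None


def shadowed_rules(chain):
    """Indices of rules that can never fire because an earlier rule covers them."""
    hidden = []
    for index, (_, proto, low, high) in enumerate(chain):
        for _, prev_proto, prev_low, prev_high in chain[:index]:
            if prev_proto == proto and prev_low <= low and high <= prev_high:
                hidden.append(index)
                break
    return hidden


if __name__ == "__main__":
    for name, chain in (("posted", POSTED_INPUT_CHAIN), ("reordered", REORDERED_CHAIN)):
        print(f"{name}: shadowed rule indices = {shadowed_rules(chain)}")
        for port in (25, 42, 80, 23, 8080):
            target, index = verdict(chain, "tcp", port)
            matched = "chain policy" if index is None else f"rule {index}"
            print(f"  tcp dport {port:>4}: {target:<6} ({matched})")
```

On the posted chain all three ACCEPT rules are shadowed by the DENY above them, and ports above 1024 fall through to the chain's ACCEPT policy.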