Recently, I had to change my firewall rules for smtp to the following:
ipchains -A input -i eth0 -s 0/0 smtp -d 0/0 -p tcp -j ACCEPT -b
Becuase the following started showing up in my syslog from ipchains.
Can someone explain what could have happend? My IP is the 65.28.......
It looks like external systems are now trying to connect 25-> random
port.
What should the rule be to allow me to send email out and to allow other
MTA to send email to me?
May 28 21:11:53 portal kernel: Packet log: input DENY eth0 PROTO=6
216.115.107.17:25 65.28.85.53:1235 L=40 S=0x00 I=38545 F=0x4000 T=46
(#32)
May 28 21:23:01 portal kernel: Packet log: input DENY eth0 PROTO=6
209.160.218.2:52936 65.28.85.53:25 L=40 S=0x00 I=33275 F=0x4000 T=237
(#30)
THANK YOU!
