hanasaki <hanasaki@???> probably said:
> May 28 20:42:03 portal kernel: Packet log: input DENY eth0 PROTO=6
> 216.136.129.13:25 65.28.85.53:1192 L=44 S=0x00 I=45478 F=0x4000 T=46
hanasaki <hanasaki@???> probably said:
> Recently, I had to change my firewall rules for smtp to the following:
> ipchains -A input -i eth0 -s 0/0 smtp -d 0/0 -p tcp -j ACCEPT -b
>
> Becuase the following started showing up in my syslog from ipchains.
> Can someone explain what could have happend? My IP is the 65.28.......
> It looks like external systems are now trying to connect 25-> random
> port.
>
> What should the rule be to allow me to send email out and to allow other
> MTA to send email to me?
>
> May 28 21:11:53 portal kernel: Packet log: input DENY eth0 PROTO=6
> 216.115.107.17:25 65.28.85.53:1235 L=40 S=0x00 I=38545 F=0x4000 T=46
> (#32)
>
> May 28 21:23:01 portal kernel: Packet log: input DENY eth0 PROTO=6
> 209.160.218.2:52936 65.28.85.53:25 L=40 S=0x00 I=33275 F=0x4000 T=237
> (#30)
The external machines are not trying to contact your machine, they are
sending packets in response to your connection to port 25 on their
side the "random port" is your local source port for the connection.
This has nothing to do with exim, you should go and ask ipchains
questions somewhere leegnux related.
P.
--
pir pir@??? pir@???
