hanasaki [exim-users] <28/05/01 21:30 -0500>:
> Recently, I had to change my firewall rules for smtp to the following:
> ipchains -A input -i eth0 -s 0/0 smtp -d 0/0 -p tcp -j ACCEPT -b
> Becuase the following started showing up in my syslog from ipchains.
> Can someone explain what could have happend? My IP is the 65.28.......
> It looks like external systems are now trying to connect 25-> random
> port.
You have got it ummmm... twisted around, sort of. Read Peter Radcliffe's
response to your post.
> What should the rule be to allow me to send email out and to allow other
> MTA to send email to me?
Tell you what - why don't you use a readymade package (such as portsentry +
logcheck, or gShield from linuxmafia.org) instead of trying to cook your own
ipchains rules?
If you _do_ want to try your own rules, go read
http://www.robertgraham.com/pubs/firewall-seen.html first.
-suresh
--
Suresh Ramasubramanian <--> mallet <at> efn <dot> org
EMail Sturmbannfuhrer, Lower Middle Class Unix Sysadmin
