Re: [Exim] exim behing iptables

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Jonathan G - Mailing List
Date:  
À: Dave Miller
CC: exim-users
Sujet: Re: [Exim] exim behing iptables
Hi Dave,

due to be a firewall installed in the same box that your services you
should open those ports:

http    input    80/tcp    If you have a web server
http    output    80/tcp    For surf from this box and/or dowload via http
https    input    443/tcp    If you have a secure web server
https    output    443/tcp For surf from this box and/or get/post https
dns    input    53/tcp    Domain Name Service to the internet
dns    input    53/udp    Domain Name Service to the internet
dns    output    53/tcp    To query internet Domain Name Servers
dns    output    53/udp    To query internet Domain Name Servers
smtp    input    25/tcp    To allow others to inject mail in your server
smtp    output    25/tcp    To allow send mail to remote smtp servers
pop3    input    110/tcp    To allow others/you to check mail in your box
imap4    input    143/tcp    To allow others/you to check mail in your box
--    input    icmp    To allow your box to be ping'ed and route'ed
--    output    icmp    To allow ping & route from your box to internet


if you have more doubts just dropm a mail.

best regards,

Dave Miller wrote:
> This is a multi-part message in MIME format.
> --
> [ Picked text/plain from multipart/alternative ]
> Hello –
>
> I am running Exim 4.2 on a RH 7.2 machine. I use iptables with the input
> chain set to drop and rules to open port 25 to all traffic, allow any
> service on the machine to access dns, etc. I can receive mail with the drop
> policy in place but when I try to send non local mail Exim times out. Do I
> need to open additional ports for Exim? If yes, which ones? If no, any ideas
> on why the time out?
>
> Thank you.
>
> --
>
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##
>


--
___________________________________________________________________
Jonathan Gonzalez - SureStorm.com Security Site - Madrid/MA/SPAIN
http://www.surestorm.com - GnuPG Key ID = 0xAA3EAC08

/"\
\ / ASCII RIBBON CAMPAIGN
X Against HTML mail & Microsoft attachments
/ \