[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-security] pmfirewall , IPCHAINS, CDONTS and mail forwarding
- Subject: RE: [cobalt-security] pmfirewall , IPCHAINS, CDONTS and mail forwarding
- From: "Network Manager" <admin@xxxxxxxxxxxxxxxx>
- Date: Tue, 23 Apr 2002 11:35:43 +1000
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hi,
One word.. DNS.. is the mail server receiving mail at all or sending
mail at all? .. Reason I ask is, if your default input policy is DENY
then you need more than tcp/domain port to be open in order for DNS
to function. If DNS does not function on the RaQ then mail will not
work since you need a valid host name in order for mail to be
received or sent. (It wont send because it cant look up the name
you want to send it to. It wont receive because of anti-spam rules
in the mail server).
Try telnetting to the server and doing an NS Lookup. If it succeeds
then my theory is wrong. If it times out or fails outright then
do a google for DNS issues with IPChains Firewalls (I cant remember
what you need exactly for DNS to work but I think its udp/domain)
Regards,
Michael Kovalik - Network Manager
Webdesign105.com Online Solutions
-----Original Message-----
From: cobalt-security-admin@xxxxxxxxxxxxxxx
[mailto:cobalt-security-admin@xxxxxxxxxxxxxxx]On Behalf Of Sean Ward
Sent: Tuesday, 23 April 2002 10:02
To: cobalt-security@xxxxxxxxxxxxxxx
Subject: [cobalt-security] pmfirewall , IPCHAINS, CDONTS and mail
forwarding
I installed pmfirewall with this:
$IPCHAINS -A input -p tcp -s $REMOTENET -d $OUTERNET 25 -j ACCEPT
When pmfirewall is running, the mail won't forward
Any clues?