Re: [fw-wiz] Ipchains blocking Sendmail

From: Dom Glavach (dg@ctcgsc.org)
Date: 09/17/02


From: Dom Glavach <dg@ctcgsc.org>
To: csobre <csobre@bol.com.br>
Date: Tue Sep 17 19:53:16 2002

If the running sendmail is reporting 'connection refused by server',
check /etc/sendmail.cf. You may be restricting sendmail to accept only
localhost connections.

  O DaemonPortOptions=Port=smtp,Addr=127.0.0.1, Name=MTA

You may be permitting only localhost connections.

On Tue, 2002-09-17 at 13:50, csobre wrote:
> Hi,
>
> I have a linux machine connected to
> the internet and to an internal network.
> I am running Sendmail and Ipchains.
> I have the following rules for
> Ipchains on port 25:
>
>
> # SMTP server (25)
> # ----------------
> ipchains -A input -i $EXTERNAL_INTERFACE -p tcp \
> --source-port $UNPRIVPORTS \
> -d $IPADDR 25 -j ACCEPT
>
> ipchains -A input -i $LOCAL_INTERFACE_1 -p tcp \
> --source-port $UNPRIVPORTS \
> -d $LOCAL_IPADDR 25 -j ACCEPT
>
> ipchains -A output -i $EXTERNAL_INTERFACE -p tcp ! -y \
> -s $IPADDR 25 \
> --destination-port $UNPRIVPORTS -j ACCEPT
>
> ipchains -A output -i $EXTERNAL_INTERFACE -p tcp ! -y \
> -s $LOCAL_IPADDR 25 \
> --destination-port $UNPRIVPORTS -j ACCEPT
>
> The only other ports I also ACCEPT are
> 53 and 113.
>
> I can send and receive mail inside my
> network, but can't receive or send
> E-mail to the internet.
> After examining the Messages log there
> are many lines with (Connection
> refused by server) when sendmail tries
> to connect to smtp servers on the
> internet.
>
> What am I missing here?
>
> Thanks in advance.

-- 
-----------------------------------------------------------------------
Dominick Glavach, CISSP, GCIH                           dg@ctcgsc.org
Senior IS Security Engineer                             814/269-2469
Concurrent Technologies Corporation                     
PGP fingerprint: 10 77 83 6C 31 57 36 64  F6 FD 9B 06 81 14 EE 76
PGP Public Key : ftp.ctcgsc.org/pub/PGP-keys/dg.asc
-----------------------------------------------------------------------
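
The check suggested in the reply, as an added example that is not part of the original message: it parses a sendmail.cf-style file and reports, for each DaemonPortOptions entry, whether the listener is bound to loopback only. The function names `daemon_listeners` and `smtp_listens_on_network` and the sample file (including its port 587 line) are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): list where each sendmail listener binds.
# Output, one line per DaemonPortOptions entry: <Name> <Port> <Addr> <scope>

daemon_listeners() {   # $1 = path to a sendmail.cf-style file
    awk '
    /^[ \t]*#/ { next }                           # ignore comment lines
    /^O[ \t]*DaemonPortOptions[ \t]*=/ {
        opts = $0
        sub(/^O[ \t]*DaemonPortOptions[ \t]*=/, "", opts)
        # Defaults when a key is absent: port smtp, all interfaces.
        name = "(unnamed)"; port = "smtp"; addr = "(any)"
        n = split(opts, kv, ",")
        for (i = 1; i <= n; i++) {
            gsub(/^[ \t]+|[ \t]+$/, "", kv[i])    # tolerate "Addr=..., Name=..."
            eq = index(kv[i], "=")
            if (eq == 0) continue
            key = tolower(substr(kv[i], 1, eq - 1))
            val = substr(kv[i], eq + 1)
            if (key == "name") name = val
            if (key == "port") port = val
            if (key == "addr") addr = val
        }
        scope = "network"
        if (addr ~ /^127\./ || addr == "::1" || addr == "localhost")
            scope = "loopback-only"
        print name, port, addr, scope
    }' "$1"
}

# Succeeds only if some SMTP listener accepts connections from other hosts.
smtp_listens_on_network() {
    daemon_listeners "$1" |
        awk '($2 == "smtp" || $2 == "25") && $4 == "network" { ok = 1 }
             END { exit !ok }'
}

# Constructed sample: the line from the reply plus a submission listener.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
# constructed sample, not a real sendmail.cf
O DaemonPortOptions=Port=smtp,Addr=127.0.0.1, Name=MTA
O DaemonPortOptions=Port=587, Name=MSA, M=E
EOF
daemon_listeners "$sample"
smtp_listens_on_network "$sample" || echo "SMTP is bound to loopback only"
```

Run it against the real /etc/sendmail.cf by passing that path to `daemon_listeners`; a `loopback-only` result for the MTA entry means remote hosts cannot deliver to port 25 regardless of the ipchains rules.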

