Larry Moore wrote:
> From: "Bowie Bailey" <[EMAIL PROTECTED]>
> > I am having a problem implementing iptables with courier's pop3
> > daemon. If I disable iptables, everything works fine. As soon as I
> > enable it, pop3 will stop working for large messages. Small
> > messages will go through with no problems, but large ones will time
> > out.
> >
> > I get this message from OE: "Your POP3 server has not responded in
> > 60 seconds." And an option to stop or continue waiting. I can
> > wait as long as I want, but it will not download the message.
> >
> > Has anyone seen this problem before? I would like to implement
> > iptables for more security, but I can't do it if this problem
> > persists.
> >
>
> Could it be {DF} flags is set however fragmentation needs to occur
> and the ICMP message indicating this is not making it back to the end
> (I think this would be the POP3 server) which needs to change the MSS
> of the TCP packet?
>
> My 2-bobs worth!
Could you elaborate a little bit on the {DF} flag? What does it do,
where would it be set, and how can I test to see if this is the case?
I am allowing all icmp traffic, so this shouldn't be blocked. When I
logged my blocked traffic, it included only some network broadcast
noise and the pop3 packets that cause the problem. I have received
some help from the netfilter list. It appears to be a connection
tracking problem based on the troubleshooting so far.
--
Bowie
-------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
courier-users mailing list
[email protected]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
