My Global rule allow traffic originate from firewall. And I also manually create a rule to allow outgoing SMTP traffic to go out from the firewall. I saw in the log that the SMTP mail did out go, but I always can't get the mail when the NG policy is on.
But, my implementation is a bit different. Let me explain.. I am sending a SMTP mail from a Checkpoint NG box, but the mail will go thru another checkpoint firewall 2000 (on the same LAN) before going to the internet. I don't know whether it will affect the mail sending or not. But I am sure the second firewall shouldn't block it as when I unload the policy on my checkpoint NG box without unload policy in my checkpoint 2000 (second firewall), I will be get the mail. Why?? Any idea??
From: "<Aaron Reynolds>" <[EMAIL PROTECTED]> look at global properties. Is the allow traffic originating from firewall option checked? If not you need to turn it on or create manual rules. -Aaron -----Original Message----- From: Martin byford [mailto:[EMAIL PROTECTED]] Sent: Tuesday, February 18, 2003 10:19 AM To: [EMAIL PROTECTED] Subject: [FW-1] can't send SMTP mail Hi.. I found that I can't send the SMTP mail from the firewall itself when the firewall policy is on. But when I fw unload localhost, I have no problem sending it. I can't understand this. I thought firewall by default it will allow any traffic from the firewall itself regardless any policy installed on it right. FYI.. I installed postfix SMTP client on the firewall and below is the error msg. Feb 13 13:45:45 fw1 postfix/smtp[13177]: [ID 197553 mail.info] connect to mx2 .hotmail.com[65.54.254.145]: Connection timed out (port 25) Could it be related to the $FWDIR/conf/smtp.conf file, I found the default timeout is 90s in my NG while the default timeout in my CP2000 is 900s which I have no problem sending SMTP mail. bash-2.03# more smtp.conf detailed_smtp_err_mail false detailed_av_err_mail false detailed_rb_err_mail false max_ips_per_mx_node 1 max_mx_node_per_mail 5 max_conns_per_site 6 max_conns 40 max_mails_per_conn 20 spool_limit_scan_period 20 spool_limit 20000 timeout 90 scan_period 2 resend_period 600 abandon_time 43200 max_mail_size 1000 maxrecipients 50 _________________________________________________________________ MSN 8 with e-mail virus protection service: 2 months FREE* http://join.msn.com/?page=features/virus ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
_________________________________________________________________ Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
