> > those are ports for ingress to Imail box, right? > > > >Yes. When I have the outgoing access control turned off, there's no problem.
then leave it off. >I'm forwarding the correct ports from outside the firewall to the correct >server. The problem is when I try and restrict what's going back out from >the server. > > > >nothing outside the firewall can communicate with the server. > > > > Houston, ... > > > > better go ask your firewall vendor and/or RTFM. > >It's an older and fairly basic hardware firewall but does the job. is it modern enough to do "stateful" packet filtering? > The >manual is of no use in this situation and I've tried all the various online >help system at both the vendor and Ipswitch sites but all I can find is a >list of incoming ports that Imail uses. stateful ingress access manages itself, allowing Imail to respond egressly to the connections coming from outside. Imail needs to have tcp egress from ports >1024, since Imail SMTP client will connect to remote servers up there. I assume Imail uses an internal DNS? >It may be a hardware issue I suppose but the fact that it works witout any >restrictions suggests there's something else I need to allow outgoing. If it's not stateful, I suggest you donate it to Salvation FBI, CIA, NSA, they seem to be in need of hardware. >I'm trying to restrict outgoing communication to only the ports that are >specifically needed for the server. ok >Unfortunately it doesn't have such an option. There's a basic log viewable >but as far as I can tell, it only records unauthorised incoming connection >attempts. Are you SURE you want to keep this box? brand? model? Len www.menandmice.com/DNS-training : DNS Training BIND8NT.MEIway.com : ISC BIND for NT4 & W2K IMGate.MEIway.com : Build free, hi-perf, anti-abuse mail gateways Please visit http://www.ipswitch.com/support/mailing-lists.html to be removed from this list. An Archive of this list is available at: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Please visit the Knowledge Base for answers to frequently asked questions: http://www.ipswitch.com/support/IMail/
