ipf rejecting but why?

Sat, 19 May 2007 04:35:09 -0700 

Most SMTP comes in just fine....but yahoo (at times) get's rejected
and I cant find out why....

Hostname: n12c.bullet.sp1.yahoo.com[69.147.64.111]
Time: May 18 22:15:39
Ports: 25

Hostname: n17a.bullet.scd.yahoo.com[66.94.237.46]
Time: May 18 22:04:18
Ports: 25

Hostname: n17a.bullet.sp1.yahoo.com[69.147.64.124]
Time: May 18 18:21:37
Ports: 25

Hostname: n18c.bullet.sp1.yahoo.com[69.147.64.129]
Time: May 18 19:58:28
Ports: 25

Hostname: n19c.bullet.scd.yahoo.com[66.218.67.207]
Time: May 18 22:00:09
Ports: 25

Hostname: n25.bullet.scd.yahoo.com[66.94.237.54]
Time: May 18 22:00:17
Ports: 25

Hostname: n28c.bullet.sp1.yahoo.com[209.131.38.248]
Time: May 18 22:03:50
Ports: 25

Hostname: n33a.bullet.sp1.yahoo.com[209.131.38.214]
Time: May 18 20:36:13
Ports: 25

Hostname: n8b.bullet.sp1.yahoo.com[69.147.64.169]
Time: May 18 18:24:38
Ports: 25


Here are some of the actual non-parsed log rejections:
May 18 18:20:42 lexi ipmon[124]: 18:20:41.942290 sppp0 @0:59 b 69.147.64.124,43761 -> 192.168.82.170,25 PR tcp len 20 52 -A IN NAT May 18 18:20:49 lexi ipmon[124]: 18:20:49.831577 sppp0 @0:59 b 69.147.64.124,43761 -> 192.168.82.170,25 PR tcp len 20 52 -A IN NAT May 18 18:21:06 lexi ipmon[124]: 18:21:05.600252 sppp0 @0:59 b 69.147.64.124,43761 -> 192.168.82.170,25 PR tcp len 20 52 -A IN NAT May 18 18:21:37 lexi ipmon[124]: 18:21:37.126844 sppp0 @0:59 b 69.147.64.124,43761 -> 192.168.82.170,25 PR tcp len 20 52 -A IN NAT May 18 18:23:43 lexi ipmon[124]: 18:23:42.984772 sppp0 @0:59 b 69.147.64.169,26735 -> 192.168.82.170,25 PR tcp len 20 52 -A IN NAT May 18 18:23:51 lexi ipmon[124]: 18:23:50.853821 sppp0 @0:59 b 69.147.64.169,26735 -> 192.168.82.170,25 PR tcp len 20 52 -A IN NAT May 18 18:24:06 lexi ipmon[124]: 18:24:06.591992 sppp0 @0:59 b 69.147.64.169,26735 -> 192.168.82.170,25 PR tcp len 20 52 -A IN NAT May 18 18:24:38 lexi ipmon[124]: 18:24:38.068355 sppp0 @0:59 b 69.147.64.169,26735 -> 192.168.82.170,25 PR tcp len 20 52 -A IN NAT 

Yet in my ipf.conf I have this:

block in log on sppp0 all
block in log quick from any to any with ipopts
block in log quick proto tcp from any to any with short
...
...
pass in quick on sppp0 proto tcp from any to any port = 25 flags S keep state keep frags 

Does this give anyone an idea as to why email is (at times) being rejected?

-JD

Reply via email to