On Thu, Feb 13, 2003 at 11:05:19AM -0500, Jeff A. Earickson wrote:
> Today, I turned on some ipfilter logging at "block in all" and
> "block out all" and discovered that when my server attempts to send
> an email to Amherst, their server responds back with a connection from
> their port 25 to a random high-number port to our end:
>
> hme0 @0:16 b 148.85.136.10,25 -> 137.146.210.52,40633 PR tcp len 20 40 -A IN
>              (Amherst)           (Colby)
>
> which my "block in all" rule kills. I've tried "keep state" settings
> on my "pass in" and "pass out" rules for port 25, that didn't help.
> Obviously I don't want to remove the "block in all" rule.
>

Try to add a rule, just for the block all that returns an RST in this case.

-Guido
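
A sketch of how such a rule could sit in an ipf.conf, as an added example that is not part of the original thread: the interface name hme0 is taken from the log line quoted above, and the rules themselves are constructed for illustration. It assumes the usual ipfilter behaviour that the last matching rule wins unless `quick` is given, so the TCP-specific `return-rst` rule is placed after the general block.

```conf
# Constructed example rules, not taken from either poster's configuration.

# Default deny, logged. Without "quick", later matching rules override these.
block in  log on hme0 all
block out log on hme0 all

# Inbound TCP that matches no state entry and no pass rule is answered
# with an RST rather than dropped silently, so the remote end closes
# the connection at once instead of retransmitting.
block return-rst in log on hme0 proto tcp from any to any

# Outbound SMTP: create state on the initial SYN so that replies from the
# remote port 25 are matched against the state table and never reach the
# block rules above.
pass out quick on hme0 proto tcp from any to any port = 25 flags S keep state

# Inbound SMTP to this server, also stateful.
pass in quick on hme0 proto tcp from any to any port = 25 flags S keep state
```

The rules can be checked for syntax errors without loading them by running `ipf -n -f` on the file.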
