On Mon, Aug 13, 2001 at 05:48:57PM +0200, Wolfgang Pichler wrote:
> Brett Randall [mailto:[EMAIL PROTECTED]]
> > On Mon, 13 Aug 2001 16:56:32 +0200, "Wolfgang Pichler" <[EMAIL PROTECTED]> said:
> > > It's a little bit off topic,
> > comp.security.firewalls
> > comp.os.linux.networking
Tell me, Wolfgang, which part of off topic did you misinterpret?
> > > but does anyone know which ports to open on my firewall so that
> > > qmail works correctly?
> > 25 outbound if you only want to send e-mail to external sites. 25
> > inbound as well if you have a mail server in a DMZ.
> I have no mail server in a DMZ
Do you have a DMZ at all? How do you expect *any*one to correctly
guess your setup?
> > > At the moment I've opened dns, smtp and pop3 but when I activate the
> > > firewall some messages can't be delivered (wasn't able to establish
> > > an smtp connection),
>
> > Log entries? Kernel details? OS even?
> OS: Linux 2.4.4-smp with iptables v 1.2.1a
http://kernel.org/:
The latest stable version of the Linux kernel is: 2.4.8 2001-08-11 04:13 UTC
http://netfilter.samba.org/:
May 07 2001 iptables 1.2.2
Soooo... you're running a stock Linux distribution. You have all the
necessary information for setting up your toy-firewall right at your
fscking fingertips. Why are you asking your question in the *wrong
forum*?
> > > but when I try to telnet to the specified rcpt-server everything
> > > works really fine.
> > rcpt-server = really crazy parrot tarot-server? What do you mean,
> > rcpt-server? Do you mean the remote MX?
> with rcpt-server I mean the highest-priority MX server from
> the dns server.
Then why didn't you say so? And before you submit your question to
news:comp.os.linux.networking, make sure to write a protocol of that
session.
> > > So what happened here? (If I open the firewall for everything, then
> > > the messages are leaving the queue)
> > Nice... I think it's probably safer you leave the firewall open.
> > Really.
> iptables -A OUTPUT -p tcp --dport smtp -s myip -m state --state NEW,ESTABLISHED -j ACCEPT
Without the output of iptables -L, this is rubbish. WTF is "myip"? Why
did you not read http://learn.to/edit_messages/ before writing in a
technical forum? Why is your MUA setup totally broken? Nudlaug...
--
Robin S. Socha http://socha.net Do not Cc: me. Ever.