Hi,

You want to block only the internet side. By not allowing input, you have blocked it for spamassassin's purposes. If you have a statement in your iptables script that allows input, simply comment out that statement. Run the script and save the setup. Restart iptables and run iptables -L -n to verify that there is no tcp 783 statement.

If you still have problems, add -D as the first argument to spamassassin in /var/qmail/supervise/spamd/run. Restart spamassassin, or qmail if you don't have Jake's script, and check your logs. They will show a bunch of information, so check back far enough to see any errors.

spamassassin -D --lint will initialize any database files to the correct format.
sa-learn --sync will initialize bayes.

Regards,
Nick

> On Tue, 2006-01-10 at 10:44 -0600, George wrote:
>> Below are my port settings from inside my iptables files for mail. Normally
>> you would add/remove to iptables through the commandline, but I prefer to
>> use blocks inside the file. Mainly because I periodically change what the
>> server is being used for and it makes reading much easier. The firewall
>> option may be named differently on your system too (RH-Firewall-1-INPUT).
>>
>> #Mail Settings:
>> -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 25 --tcp-flags SYN,RST,ACK SYN -j ACCEPT
>> -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 465 --tcp-flags SYN,RST,ACK SYN -j ACCEPT
>> -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 113 --tcp-flags SYN,RST,ACK SYN -j ACCEPT
>> -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 110 --tcp-flags SYN,RST,ACK SYN -j ACCEPT
>> -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 993 --tcp-flags SYN,RST,ACK SYN -j ACCEPT
>> -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 995 --tcp-flags SYN,RST,ACK SYN -j ACCEPT
>> -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 143 --tcp-flags SYN,RST,ACK SYN -j ACCEPT
>>
>> #Block Spamassassin
>> -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 783 --tcp-flags SYN,RST,ACK SYN -j DROP
>>
>> George
>>
>
> OK ... I understand that this will block port 783, BUT I don't
> understand why we would want to block port 783 since spamd uses port 783
> for scanning e-mails.
>
> According to what I read, spamd is given the e-mail via port 783 where
> it is scanned, and that you will not have the mail scanned by spamd if
> port 783 is blocked.
>
> Maybe I am missing something.
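
An added example, not part of the thread: a shell check for the verification step Nick describes, run over saved rules rather than `iptables -L -n` output. It reports any rule that accepts TCP 783 from a non-loopback source; the two sample rule sets (including their loopback rules) are constructed, and treating `-i lo` or a 127.x source as local-only is an assumption of this example.

```shell
#!/bin/sh
# Added example (not from the thread): report rules that ACCEPT TCP
# connections to spamd's port 783 from anywhere other than loopback.
# Input: rules in iptables-save / rules-file syntax on stdin.
# Exit status: 0 = no such rule, 1 = port opened to the network.
# Assumption: only explicit --dport rules are inspected; "!" negations,
# multiport matches and catch-all ACCEPT rules are out of scope here.
spamd_port_exposed() {
    awk -v port=783 '
    function covers(spec, p,    r, n) {      # single port or lo:hi range
        n = split(spec, r, ":")
        if (n == 2) return (p + 0 >= r[1] + 0 && p + 0 <= r[2] + 0)
        return (spec + 0 == p + 0)
    }
    /^-A / {
        proto = dport = target = iface = src = ""
        for (i = 1; i < NF; i++) {
            if ($i == "-p")      proto  = $(i + 1)
            if ($i == "--dport") dport  = $(i + 1)
            if ($i == "-j")      target = $(i + 1)
            if ($i == "-i")      iface  = $(i + 1)
            if ($i == "-s")      src    = $(i + 1)
        }
        local_only = (iface == "lo" || src ~ /^127\./)
        if (proto == "tcp" && target == "ACCEPT" && covers(dport, port) && !local_only) {
            print "EXPOSED: " $0
            found = 1
        }
    }
    END { exit (found ? 1 : 0) }
    '
}

# Constructed rule sets for demonstration (chain name taken from the thread).
sample_blocked() {
    cat <<'EOF'
-A RH-Lokkit-0-50-INPUT -i lo -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 25 --tcp-flags SYN,RST,ACK SYN -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 783 --tcp-flags SYN,RST,ACK SYN -j DROP
EOF
}
sample_open() {
    cat <<'EOF'
-A RH-Lokkit-0-50-INPUT -i lo -p tcp -m tcp --dport 783 -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 25 --tcp-flags SYN,RST,ACK SYN -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 783 --tcp-flags SYN,RST,ACK SYN -j ACCEPT
EOF
}
```

On a live host, `iptables-save | spamd_port_exposed` checks the loaded rules. A DROP on 783 written without an interface match, like the one quoted above, also applies to loopback traffic unless a loopback ACCEPT rule is evaluated before it.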
