I was under the impression that 53/tcp was for zone xfers, and 53/udp was for queries, so you may want to confirm to avoid opening more than you need to.

Mike

----- Original Message -----
From: "Sa?a Popravak" <[EMAIL PROTECTED]>
To: "wali" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Monday, December 03, 2001 1:51 AM
Subject: Re: pix firewall and mail server

> You should also open ports 53/tcp and 53/udp for DNS queries so one can find
> your mail server by checking the MX record from your DNS.
>
> Best wishes,
> Pope
>
> ----- Original Message -----
> From: "wali" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Thursday, 29.November 2001 14:50
> Subject: pix firewall and mail server
>
> > hi
> > I have a Cisco PIX firewall
> > and I only have a mail server (MS Exchange) on NT Server
> > and a lot of workstations on NT Workstation.
> > I set up NAT for the PCs to work on virtual IPs
> > and only the mail server takes a real IP (the traffic comes to the real IP and the
> > firewall passes it to the virtual one)
> > and I only want the outside traffic to come to the mail ports only,
> > so I opened the 25 tcp port and closed all other incoming ports,
> > but the server stopped receiving mail.
> > When I allow all traffic except ICMP it works.
> > Are there any other ports that should be open to allow the mail server to
> > receive mail?