Hmm, I tried all 3 ways and it seems some mail servers will not send/receive mail without being able to IDENT?
Maybe I am wrong, but I am struggling with this now.
Also, could anyone explain why I see packets like this? I am currently dropping them based on a rule dropping all but IDENT to/from my firewall.
I also have a previous rule accepting and scanning incoming SMTP?
Service  Src           Dst          Proto  S_port
varies   outside_host  MY FIREWALL  TCP    SMTP
-----Original Message-----
From: Kumar, Preet (Exchange) [mailto:[EMAIL PROTECTED]]
Sent: Thursday, May 25, 2000 9:10 AM
To: 'John Gesualdi'; fw
Subject: RE: [FW1] Do I need these two rules??
Instead of dropping the ident reject them.
Preet
> -----Original Message-----
> From: John Gesualdi [SMTP:[EMAIL PROTECTED]]
> Sent: Thursday, May 25, 2000 8:57 AM
> To: fw
> Subject: Re: [FW1] Do I need these two rules??
>
> First, thanks to all who have replied on this subject.
>
> I tried disabling the ident rule, things continued to run well but I
> noticed many more drops in my firewall logs. Apparently my www, mail and
> dns server located in the DMZ behind the firewall use ident and without
> this rule I get many more drops in my logs so it's more of a cosmetic
> problem. I'm probably going to leave it in unless someone else has a
> better idea?
>
> John Gesualdi wrote:
>
> > Hi,
> >
> > I'm reviewing all the rules in my firewall. I have a couple of old
> > rules that don't seem to make sense any longer.
> >
> > Rule 1 = any_host any_destination long_icmp drop. This rule was
> > put in a long time ago for the Ping of Death DOS attack. We are running
> > fw1 vers 4.0sp5 on Solaris 2.6. Do I still need this rule?
> >
> > Rule 2 states that my Web server and dns,smtp server located in the
> > DMZ can do "ident" with any host. Why would I need this?
> >
> > Thank you.
> >
> > --
> > John Gesualdi
> > The Providence Journal Company
> > Phone (401)277-8133
> > Pager (401)785-6938
> > CCDP,CCNP
> >
> >
> > ================================================================================
> > To unsubscribe from this mailing list, please see the instructions at
> > http://www.checkpoint.com/services/mailing.html
> > ================================================================================
>
> --
> John Gesualdi
> The Providence Journal Company
> Phone (401)277-8133
> Pager (401)785-6938
> CCDP,CCNP
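Added example (not part of the original thread): a firewall that drops ident leaves the remote mail server's connection to TCP/113 waiting until it times out, while a reject answers at once so the server carries on. This Python check classifies how a host you administer answers on port 113; the function name, the 3-second timeout and the injectable `connect` parameter are assumptions made for the example.

```python
import errno
import socket
import sys
import time

IDENT_PORT = 113  # ident/auth service, RFC 1413

# errno values seen when a firewall answers with an ICMP unreachable
ICMP_REJECT = {errno.EHOSTUNREACH, errno.ENETUNREACH}


def classify_ident(host, port=IDENT_PORT, timeout=3.0,
                   connect=socket.create_connection):
    """Try one TCP connect and return (verdict, elapsed_seconds).

    'open'     - handshake completed, something is listening
    'rejected' - RST or ICMP unreachable came straight back
    'dropped'  - nothing came back before the timeout
    """
    start = time.monotonic()
    try:
        conn = connect((host, port), timeout)
    except socket.timeout:
        verdict = "dropped"
    except ConnectionRefusedError:
        verdict = "rejected"
    except OSError as exc:
        if exc.errno not in ICMP_REJECT:
            raise  # DNS failure, bad address, etc.: not a firewall verdict
        verdict = "rejected"
    else:
        conn.close()
        verdict = "open"
    return verdict, time.monotonic() - start


if __name__ == "__main__":
    # Usage: python ident_check.py host [host ...]  (hosts you administer)
    for target in sys.argv[1:]:
        verdict, secs = classify_ident(target)
        print(f"{target}: ident {verdict} after {secs:.2f}s")
```

A "dropped" verdict takes the full timeout to come back, which is the delay a remote mail server sits through before it gives up on ident and continues with SMTP.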
