> > > > those are ports for ingress to Imail box, right? > > > > > > >Yes. When I have the outgoing access control turned off, there's > no problem. > > then leave it off.
Which I am doing for that particular server though I'd rather not leave it wide open to all and sundry. > > >I'm forwarding the correct ports from outside the firewall to the correct > >server. The problem is when I try and restrict what's going back out from > >the server. > > > > > >nothing outside the firewall can communicate with the server. > > > > > > Houston, ... > > > > > > better go ask your firewall vendor and/or RTFM. > > > >It's an older and fairly basic hardware firewall but does the job. > > is it modern enough to do "stateful" packet filtering? Nope. > > stateful ingress access manages itself, allowing Imail to respond > egressly > to the connections coming from outside. > > Imail needs to have tcp egress from ports >1024, since Imail SMTP client > will connect to remote servers up there. Right, well I didn't know that so if access through ports >1024 was being blocked that might the problem? Although I don't understand why that would prevent access to the webmessaging interface for example. > > I assume Imail uses an internal DNS? > No we don't have internal DNS which is why I allowed port 53 through which the Imail documentation I have says is used for DNS. > >It may be a hardware issue I suppose but the fact that it works > witout any > >restrictions suggests there's something else I need to allow outgoing. > > If it's not stateful, I suggest you donate it to Salvation FBI, CIA, NSA, > they seem to be in need of hardware. > Not a very helpful comment. We're a very small company and this unit, while admittedly cheap and probably worthless to you, does the job, albeit a basic one. When there's money available and as the company expands we will look at more sophisticated systems. All I asked for was some help in understanding what ports Imail makes outgoing communications on so I can try and make sure those are left open. - Howard Please visit http://www.ipswitch.com/support/mailing-lists.html to be removed from this list. An Archive of this list is available at: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Please visit the Knowledge Base for answers to frequently asked questions: http://www.ipswitch.com/support/IMail/
