My firewall died recently, so I replaced it with a new machine. Since I needed to reinstall the OS, I naturally went for 5.4, rather than whatever obsolete version I'd been using on the old machine. But now I can't get incoming email. My setup is something like:

    public mx -------> firewall -------> internal mail server

My mx server is hosted in a datacentre. It receives mail and forwards it on to my home mail server. However, it's not working. From my mx server, I can connect to port 25 on my internal mail server. If I issue a HELO greeting, everything is fine. If I issue EHLO instead, the reply never makes it back to the MX server (the reply is being sent, as I've verified with tcpdump). So clearly something's dropping it. But nothing's being logged to indicate that. I have two block rules, both of which should be logging:

    block in log
    block out log on $ext

I can issue EHLO without problems from other machines on my internal network, and from the firewall itself. But anything originating outside of the firewall fails.

Any ideas? I'm somewhat stumped. My previous machine was sufficiently obsolete that the pf syntax has changed since then, so I wasn't able to just reuse my old pf rules.

Tet

--
"Java is a DSL for taking large XML files and converting them to stack traces" -- Bulat Shakirzyanov