On 6/26/06, Ajith Kumar <[EMAIL PROTECTED]> wrote:
I am able to send and receive mails. But if there is any attachment which
is bigger than 64 KB, I am not able to send.
I am pasting the pf snippet here.

PF does not regulate the size of eMails.  Did you see an entry in your
PF log about a blocked eMail attachment?  I seriously doubt it.

pass in quick log on fxp0 from any to  $mail_server
pass out quick log on fxp1 from   any to $mail_server

pass in  quick log on fxp1  from $mail_server  to  any
pass  out quick log on  fxp0 from  $mail_server  to any

1) You're logging, but didn't give any log output
2) keep/modulate/synproxy state -- read about them, they will simplify
your ruleset greatly
3) Please post the entire ruleset if you expect help
4) Traffic is permitted from any to your mailserver (any port, any
protocol) -- is this desirable behaviour?
5) Why are you using the 'quick' keyword?

Try this:
pass in log on fxp0 proto tcp to $mail_server port 25 flags S/SA synproxy state
pass out log on fxp1 proto tcp to $mail_server port 25 flags S/SA keep state

Or, better yet:
pass out quick tagged PERMITTED modulate state
pass in on fxp0 inet proto tcp to $mail_server port 25 flags S/SA synproxy state tag PERMITTED


If there are no attachments, I can send mails and receive mails. But the only
problem is with attachments.

What do I need to do? Is there anything to be done with the "scrub" entry?
For now I have not added a scrub entry in the firewall.

We would never know -- you didn't post your entire ruleset.

Regards,
Ajith Kumar U
System Administrator
<trimmed extraneously long signature and _laughable_ disclaimer>
