> > using ipchains, im only allowing ports 25,53,110,143 but my log shows
> > that the senders mail server is probing port 113 (auth). though i
> > receive the emails, the packets for 113 is being denied. should i allow
> > this? what are the complications?
>
> Port 113 is auth, a service where your server will tell the other mail server
> the username of the one making the connection. Take a look at SMTP headers,
> you'll find stuff like root@server - the 'root' came from the auth server.
> Nowadays it's safe to filter it, make sure you reject it and send a RST
> for "Connection refused"; don't make it hang by just dropping the packets.
>
>
/sbin/ipchains -A input -d 0/0 113 -j REJECT
is a pretty safe bet.
--------------------------------------
William Emmanuel S. Yu
Ateneo Cervini-Eliazo Networks (ACENT)
email : [EMAIL PROTECTED]
web : http://cersa.admu.edu.ph/
phone : 63(2)4266001-5925/5904
Chairman of the Bored.
_
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
To subscribe to the Linux Newbies' List: send "subscribe" in the body to
[EMAIL PROTECTED]
