Hi, Thanks for the rules. BTW, is the -y flag equivalent to the --syn flag on iptables? Sorry I forgot :P
jOoN ----- Original Message ----- From: "Benj" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, March 20, 2002 5:42 PM Subject: Re: [plug] SMTP Ports Question > Joon Guillen wrote: > > > Hi, > > > > Does the SMTP service use the same port (25) to connect and forward the > > outgoing e-mails to its designated mail servers or do they use the ports > > above 1023? And, will the remote mail server need to respond to it (as an > > acknowledgement, or maybe something else)? > > Yes, SMTP uses ports 1024 and above to send out mails, and the remote > mail servers do need to respond to sending client. > > > I'm doing firewall rules, and I'd like the rules to be as specific as > > possible. I'm using qmail and qmail-smtpd btw. > > Here are the rules: > > # SMTP client (25) > # ---------------- > > ipchains -A input -i $INTERNAL_INTERFACE -p tcp ! -y \ > -s $SMTP_SERVER 25 \ > -d $INTERNAL_IPADDR $UNPRIVPORTS -j ACCEPT > > ipchains -A output -i $INTERNAL_INTERFACE -p tcp \ > -s $INTERNAL_IPADDR $UNPRIVPORTS \ > -d $SMTP_SERVER 25 -j ACCEPT > > Note: > $UNPRIVPORTS="1024:65535" > > -- > Benjamin Oris Jr. > ImagineAsia Digital Animation Studio > http://www.imagineasia.com > _ > Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph > To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] > > To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED] > _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
