Hi, How can I unsubscribe from this mailing list? [EMAIL PROTECTED]
Thank you ----- Original Message ----- From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Thursday, October 31, 2002 11:25 AM Subject: Re: qpopper and ipchains config You wrote: >When trying to connect using Express, I get the following errors:- > >The connection to the server has failed. Account: 'xxxxxx.com', Server: >'mail. xxxxxx.com', Protocol: SMTP, Port: 25, Secure(SSL): No, Socket Error: >10061, Error Number: 0x800CCC0E > >The connection to the server has failed. Account: 'xxxxxx.com', Server: >'xxxxxx.com', Protocol: POP3, Port: 110, Secure(SSL): No, Socket Error: >10071, Error Number: 0x800CCC0E > >Now, na�ve me assumed that the comment about SSL meant it was trying to use >SSL to connect to the port. No - in fact that is just saying that your e-mail client was not using SSL. >However, if I remove the following rule from ipchains:- > >REJECT tcp -y---- anywhere anywhere any -> >any > >Then the pop3 connection works. I need to do the equivalent for SMTP also, >as I understand it. Well that will work as it is removing most of your firewall protection !! After reading up a bit on ipchains you should add to rules for clients to connect to port 110, which is where PoP3 is normally checked, and port 25 being the SMTP equivalent. >Now, what I'm a little confused about is whether this is the correct & safest way to configure >ipchains to allow qpopper to work? Definitely not the way to go, although I concede that it will work. You should assume currently that you do not have any firewalling. >I need to allow any external client with a valid IP address to connect via pop3 and SMTP using >using the appropriate ports. Presumably it's a good idea to reject invalid IP addresses and to >reject connections that appear to come from the internal network address. I guess there is more I >can do to secure things by using APOP, SSL, etc. but first things first. Most firewalls will cover blocking internal IP numbers on the external interface etc. >I would be grateful for any help. > >Thanks, >Phil
