Linux Advocate wrote: > Tom, > >>> 1. Why is the smtp port stealthed whilst other are >>> open? >> Two obvious questions: Why is postfix listening on >> port 26 rather than port >> 25? > > our isp has blocked port 25, therefore , we are using > port 26, i have modified postfix ( postfix just for > cron messages only , our office mail server is hosted > off-site ) and also the smtp macro to this end.
Why??????? > >> Do you have an ACCEPT or DNAT rule for port >> 26? > > in the policy file , i have set FW -> Net as accept, > since postfix is running on the FW , this should cut > it rite ? Sure -- but that is outbound. You aren't opening port 26 inbound so your default net->fw (or net->all) DROP policy will stealth the port inbound. > >>> 2. What about port 113 ? Any issues / comments. >> How do >>> i get rid of it? >> RTFF (Read the fine FAQ) -- in this case, it is FAQ >> 4. > > i hv read it before... nothing clicked.... but > ....reading it again.... == > i get it now ! :) > > If in the policy file , i already have FW -> net , > there is no need for me to add something in rules.. > therefore should i conclude , its my postfix config > which is wrong ? I don't think there is anything wrong with your configuration. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- SF.Net email is sponsored by: Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
