Andrew, sorry to take so long to get back on this. Have you tried specifying the destination and a singe IP for the destination?
With * as the destination, this makes part of this rule as General. The allow rule is also General. So it seems you have two General rules, one a allow and one a deny. Since the allow comes first, that might be what is happening. Let me know what happens. John Tolmachoff MCSE, CSSA IT Manager, Network Engineer RelianceSoft, Inc. Fullerton, CA 92835 www.reliancesoft.com -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Andrew P. Kaplan Sent: Wednesday, December 04, 2002 12:02 PM To: [EMAIL PROTECTED] Subject: RE: [SonicWALL]- SonicWALL not blocking incoming port 25 traffic > What is the exact rule? (Deny/Allow) (service) (Source) (Range) (Destination) (Range) Deny SMTP WAN 66.180.1.1 - 66.180.254.254 * (end range blank) There's a single rule to ALLOW smtp from * on the WAN interface Below are my logs, showing access from the IP. Dec 4 14:53:43 imgate1 postfix/smtpd[22940]: connect from lists.zoanmail.com[66.180.236.201] Dec 4 14:54:35 imgate1 postfix/smtpd[22942]: connect from out-66-180-243-22.zoanmail.com[66.180.243.22] Dec 4 14:54:54 imgate1 postfix/smtpd[22945]: connect from out-66-180-243-22.zoanmail.com[66.180.243.22] Dec 4 14:54:54 imgate1 postfix/smtpd[22929]: connect from out005.tfmb.net[66.180.247.25] Dec 4 14:54:56 imgate1 postfix/smtpd[23052]: connect from out-66-180-243-7.zoanmail.com[66.180.243.7] Dec 4 14:54:56 imgate1 postfix/smtpd[22956]: connect from out-66-180-243-7.zoanmail.com[66.180.243.7] Andrew P. Kaplan A pessimist sees the difficulty in every opportunity; an optimist sees the opportunity in every difficulty" --Winston Churchill > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On > Behalf Of John Tolmachoff > Sent: Wednesday, December 04, 2002 2:22 PM > To: [EMAIL PROTECTED] > Subject: RE: [SonicWALL]- SonicWALL not blocking incoming port 25 > traffic > > > What is the exact rule? > > (Deny/Allow) (service) (Source) (Range) (Destination) (Range) > > John Tolmachoff MCSE, CSSA > IT Manager, Network Engineer > RelianceSoft, Inc. > Fullerton, CA 92835 > www.reliancesoft.com > > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Andrew P. Kaplan Sent: Wednesday, December 04, 2002 10:31 AM To: Sonicwall Subject: [SonicWALL]- sonicwall not blockinig incoming port 25 traffic why is this ip able to acces my mail server 01:15:03 imgate1 postfix/smtpd[19556]: connect from transport5a.azoogle.com[66.197.140.40] My rule set blocks WAN access from "66.197.140.0 to 66.197.140.255" to the LAN interface which contains the mail server Andrew P. Kaplan A pessimist sees the difficulty in every opportunity; an optimist sees the opportunity in every difficulty" --Winston Churchill --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.423 / Virus Database: 238 - Release Date: 11/25/02 --- [This E-mail scanned for viruses by Declude/F-Prot AV] ============================================================================ ======================= To unsubscribe, send email to [EMAIL PROTECTED] In the body of the email put the following: unsubscribe sonicwall your_name The archive of this list is at http://www.mail-archive.com/sonicwall%40peake.com/ --- [This E-mail scanned for viruses by Declude/F-Prot AV] ================================= To unsubscribe, send email to [EMAIL PROTECTED] In the body of the email put the following: unsubscribe sonicwall your_name The archive of this list is at http://www.mail-archive.com/sonicwall%40peake.com/ --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.423 / Virus Database: 238 - Release Date: 11/25/02 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.423 / Virus Database: 238 - Release Date: 11/25/02 --- [This E-mail scanned for viruses by Declude/F-Prot AV] ============================================================================ ======================= To unsubscribe, send email to [EMAIL PROTECTED] In the body of the email put the following: unsubscribe sonicwall your_name The archive of this list is at http://www.mail-archive.com/sonicwall%40peake.com/ --- [This E-mail scanned for viruses by Declude/F-Prot AV] ==================================================================================================To unsubscribe, send email to [EMAIL PROTECTED] In the body of the email put the following: unsubscribe sonicwall your_name The archive of this list is at http://www.mail-archive.com/sonicwall%40peake.com/
