Or, depending on which version of SpamAssassin you're running and whether spamc and spamd are on the same server, configure them to communicate via Unix sockets instead of TCP/IP.

Brian

-----Original Message-----
From: Matt Kettler [mailto:[EMAIL PROTECTED]
Sent: Monday, May 10, 2004 1:19 PM
To: Zagler, Alexander; [EMAIL PROTECTED]
Subject: Re: spamc/spamd and iptables problem

At 06:19 AM 5/10/2004, Zagler, Alexander wrote:
>hi list,
>we are running on our box a quite hard iptables setup.
>the server is not allowed to connect to any ports except some we have
>defined.
>spamd uses 783, this port we have allowed to connect. but spamc uses
>every time a different port to start.
>
>has anyone a good set of rules for iptables/spamassassin or does know
>how to tell spamc only to connect from one port?

Why are you even filtering on the source port of a TCP connection in the first place?

Use the state feature of iptables so you don't need any rules at all to allow replies. You'll be significantly more secure this way.
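
The state-based approach from the reply above, as an added example that is not part of the original thread: a shell function that prints iptables rules matching only connection state and spamd's destination port 783, never spamc's source port. The host addresses, the role names and the default-DROP chain policy are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Assumptions: INPUT and OUTPUT already
# default to DROP (the "quite hard" setup), and rules are appended with -A.
# The rules are only printed; review them, then pipe the output to sh as root.

SPAMD_PORT=783   # spamd port named in the thread

# spamd_rules HOST ROLE
#   HOST: address spamd listens on (IPv4 address or CIDR)
#   ROLE: client (box runs spamc), server (box runs spamd), both (same box)
spamd_rules() {
    host=$1
    role=$2
    # The output is meant to be executed, so reject anything but an address.
    case $host in ''|*[!0-9./]*) echo "bad host: $host" >&2; return 1 ;; esac
    case $role in client|server|both) ;; *) echo "bad role: $role" >&2; return 1 ;; esac

    # Replies belong to connections conntrack already tracks, so spamc's
    # ephemeral source port never has to be matched.
    # (-m conntrack --ctstate is the equivalent match on newer iptables.)
    echo "iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    echo "iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"

    if [ "$role" != server ]; then
        # spamc side: only the first packet is NEW; match it by destination.
        echo "iptables -A OUTPUT -p tcp -d $host --dport $SPAMD_PORT -m state --state NEW -j ACCEPT"
    fi
    if [ "$role" != client ]; then
        # spamd side: accept new connections arriving at the listening port.
        echo "iptables -A INPUT -p tcp -d $host --dport $SPAMD_PORT -m state --state NEW -j ACCEPT"
    fi
}

# Stand-alone use: ./spamd-rules.sh --print [HOST] [ROLE]
if [ "${1:-}" = "--print" ]; then
    spamd_rules "${2:-127.0.0.1}" "${3:-both}"
fi
```
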
