Robert Mortimer wrote:
On 4/29/06, sai <[EMAIL PROTECTED]> wrote:

What does the rule you made look like? You should have the destination
port as 25 and source port as *

First rule (LAN)
BLOCK TCP       ! MailServers  25 (SMTP) * * *

This is exactly the opposite of what was suggested by sai.

The SMTP connections are made with a destination port 25 (SMTP) and not with a source port 25.

The rule should be something like:

   BLOCK TCP    ! MailServers  * * 25 (SMTP) *

But I prefer explicitly allowing the legal traffic and blocking by default (the logging options are more granular):

   PASS  TCP MailServers * * 25(SMTP) *
   BLOCK TCP * * * 25(SMTP) *

(the second rule is not necessary if you don't allow every outgoing TCP by default)

Angelo.
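Added example, not part of the original message: a small first-match evaluator that runs the three rule sets from this thread against constructed outbound packets, showing why the rule with source port 25 never matches a real SMTP client. The column order (action, proto, source, source port, destination, destination port), first-match evaluation, the default-pass policy, the `MailServers` alias contents and all addresses are assumptions made for the illustration.

```python
from ipaddress import ip_address

# Constructed sample data: the alias contents and every address are assumptions.
MAIL_SERVERS = {ip_address("192.168.1.10")}

# Columns assumed from the thread: action, proto, source, source port,
# destination, destination port. "*" matches anything; "!" negates the alias.
ORIGINAL = [("BLOCK", "TCP", "!MailServers", 25, "*", "*")]
CORRECTED = [("BLOCK", "TCP", "!MailServers", "*", "*", 25)]
ALLOW_LIST = [("PASS", "TCP", "MailServers", "*", "*", 25),
              ("BLOCK", "TCP", "*", "*", "*", 25)]

def addr_matches(spec, addr):
    if spec == "*":
        return True
    negate = spec.startswith("!")
    in_alias = ip_address(addr) in MAIL_SERVERS  # MailServers is the only alias here
    return in_alias != negate

def port_matches(spec, port):
    return spec == "*" or spec == port

def evaluate(rules, pkt, default="PASS"):
    """First matching rule wins (assumed); default models 'allow every outgoing TCP'."""
    proto, src, sport, dst, dport = pkt
    for action, r_proto, r_src, r_sport, r_dst, r_dport in rules:
        if (r_proto == proto and addr_matches(r_src, src)
                and port_matches(r_sport, sport)
                and addr_matches(r_dst, dst)
                and port_matches(r_dport, dport)):
            return action
    return default

# Constructed packets: an SMTP client uses an ephemeral source port and
# destination port 25, so only the destination-port column can catch it.
WORKSTATION_SMTP = ("TCP", "192.168.1.50", 49152, "203.0.113.25", 25)
MAILSERVER_SMTP = ("TCP", "192.168.1.10", 50211, "203.0.113.25", 25)
WORKSTATION_HTTP = ("TCP", "192.168.1.50", 49153, "203.0.113.80", 80)

if __name__ == "__main__":
    packets = (WORKSTATION_SMTP, MAILSERVER_SMTP, WORKSTATION_HTTP)
    for name, rules in (("original", ORIGINAL), ("corrected", CORRECTED),
                        ("allow-list", ALLOW_LIST)):
        print(name, [evaluate(rules, p) for p in packets])
```
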
