> Robert Mortimer wrote:
>
>>On 4/29/06, sai <[EMAIL PROTECTED]> wrote:
>>
>>>What does the rule you made look like? You should have the destination
>>>port as 25 and source port as *
>>>
> > First rule (LAN)
> >
> > BLOCK TCP ! MailServers 25 (SMTP) * * *
>
> This is exactly the opposite as what was suggested by sai
>
> The SMTP connections are made with a destination port 25(SMTP) and not
> with a source port 25.
>
> The rule should be something like:
>
> BLOCK TCP ! MailServers * * 25 (SMTP) *
>
> But I prefer explicitly allowing the legal traffic and blocking by
> default (the logging options are more granular):
>
> PASS TCP MailServers * * 25(SMTP) *
> BLOCK TCP * * * 25(SMTP) *
>
> (the second rule is not necessary if you don't allow every outgoing TCP
> by default)
>
> Angelo.

Thanks. PS my SMTP pass through from the public side is still not working.
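
The point made in the quoted reply, that an outbound SMTP connection carries 25 as its destination port and an ephemeral source port, can be checked with a small first-match rule evaluator. This is an added example, not part of any message in the thread; the column order (source, source port, destination, destination port), the addresses, and the allow-all default are assumptions.

```python
from collections import namedtuple

# Column order assumed from the rules quoted in the thread:
# action, protocol, source, source port, destination, destination port.
Rule = namedtuple("Rule", "action proto src sport dst dport")
Packet = namedtuple("Packet", "proto src sport dst dport")

MAIL_SERVERS = {"192.0.2.10"}  # constructed alias contents (documentation range)

def _addr_ok(spec, addr):
    if spec == "*":
        return True
    if spec == "MailServers":
        return addr in MAIL_SERVERS
    if spec == "!MailServers":
        return addr not in MAIL_SERVERS
    return spec == addr

def _port_ok(spec, port):
    return spec == "*" or spec == port

def evaluate(rules, pkt, default="BLOCK"):
    """First matching rule wins; unmatched traffic gets the default action."""
    for r in rules:
        if (r.proto == pkt.proto and _addr_ok(r.src, pkt.src)
                and _port_ok(r.sport, pkt.sport)
                and _addr_ok(r.dst, pkt.dst) and _port_ok(r.dport, pkt.dport)):
            return r.action
    return default

# The rule as first written: 25 sits in the source-port column.
ORIGINAL = [Rule("BLOCK", "TCP", "!MailServers", 25, "*", "*")]
# The corrected block rule from the reply: 25 in the destination-port column.
CORRECTED = [Rule("BLOCK", "TCP", "!MailServers", "*", "*", 25)]
# The explicit-allow pair the reply prefers.
ALLOWLIST = [Rule("PASS", "TCP", "MailServers", "*", "*", 25),
             Rule("BLOCK", "TCP", "*", "*", "*", 25)]

# Constructed packets: a workstation and the mail server each open an
# outbound SMTP connection from an ephemeral source port.
WORKSTATION_SMTP = Packet("TCP", "192.0.2.50", 49152, "198.51.100.25", 25)
SERVER_SMTP = Packet("TCP", "192.0.2.10", 49153, "198.51.100.25", 25)

if __name__ == "__main__":
    for name, rules in [("original", ORIGINAL), ("corrected", CORRECTED),
                        ("allowlist", ALLOWLIST)]:
        print(name, evaluate(rules, WORKSTATION_SMTP, default="PASS"),
              evaluate(rules, SERVER_SMTP, default="PASS"))
```

With an allow-all default, the original rule never matches the workstation's connection because its source port is not 25, so the traffic passes; both corrected forms block it while still passing the mail server.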
