2.0-BETA5 (i386) built on Mon Feb 21 15:43:32 EST 2011
I am seeing the above occur maybe once a day or once every other day, but the source IP address is in an alias that is a list of aliases (and that list contains my mail server aliases). Whenever I see this, I manually try to telnet to the same IP on port 25 and the traffic is passed, yet the mail server shows a failed connection attempt in the logs which coincides with the firewall log as above.

I have a rule that explicitly allows port tcp/25 as a destination from my inbound mail servers alias group, and then there is a rule right beneath that rule that explicitly blocks outbound SMTP from all IP addresses on the subnet, and I have logging turned on for that rule. So, the rule beneath the one that should be triggered is being triggered instead. Is there a Bug/Race condition in rule evaluation?

Dimitri Rodis
Integrita Systems LLC
http://www.integritasystems.com
