From owner-freebsd-ipfw@FreeBSD.ORG Thu Apr 3 10:53:40 2003 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AE1A637B401 for ; Thu, 3 Apr 2003 10:53:40 -0800 (PST) Received: from diana.northnetworks.ca (att-ws20.switchview.com [216.13.70.20]) by mx1.FreeBSD.org (Postfix) with ESMTP id B1D1D43F93 for ; Thu, 3 Apr 2003 10:53:39 -0800 (PST) (envelope-from iaccounts@northnetworks.ca) Received: from diana.northnetworks.ca (localhost.northnetworks.ca [127.0.0.1]) h33IrchQ094725; Thu, 3 Apr 2003 13:53:39 -0500 (EST) (envelope-from iaccounts@northnetworks.ca) Received: from localhost (iaccounts@localhost)h33Irc9v094722; Thu, 3 Apr 2003 13:53:38 -0500 (EST) X-Authentication-Warning: diana.northnetworks.ca: iaccounts owned process doing -bs Date: Thu, 3 Apr 2003 13:53:38 -0500 (EST) From: Steve Bertrand To: Sereciya Kurdistani In-Reply-To: <20030403182847.GC23675@kurdistan.ath.cx> Message-ID: <20030403135048.D92663-100000@diana.northnetworks.ca> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-ipfw@freebsd.org Subject: Re: Quick IPFW Question Concerning Sendmail X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Apr 2003 18:53:41 -0000 Try allowing access to the sendmail submission port 587/tcp. I honestly don't know if this will help, but it may be worth a shot. Steve > > Hello, > > I have a quick question for you ipfw/firewall experts out there. > > I've have set up an elaborate firewall only to have trouble with > Sendmail. > > I have opened port 25 incoming, and also allow outgoing to another > port 25, but I always find stuck mail when I use "mailq". > > Using tcpdump -- and no firewall -- I've found that between the > dns lookups and smtp connections there are in fact some auth > lookups too. > > I opened incoming port 113 and outgoing to 113 but I still have > stuck mail! > > Any help would be greately appreciated, many thanks in advance! > > -Sereciya Kurdistani > > PS > My basic rules look like: > > ipfw add NNNN allow \{ tcp or udp \} from any to any smtp,smtps out > ipfw add NNNN allow \{ tcp \} log from any to any smtp,smtps in > > ipfw add NNNN allow \{ tcp or udp \} from any to any auth out > ipfw add NNNN allow \{ tcp \} log from any to any auth in > > and yes, this is ipfw2 on 4.8-STABLE > _______________________________________________ > freebsd-ipfw@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw > To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org" >