[lug] Sending POP email thru firewall

Justin glowecon at netscape.net
Tue Jul 11 12:59:30 MDT 2000


I have some client machines that are having trouble sending POP email thru
my ipchains firewall. Everytime I try to send an email I get a connection
time out because the pop server cannot be contacted. I can recieve mail just
fine however. Another thing is, while trying to watch the packets go thru the
firewall with sniffit I noticed that when the local interface is in
promiscuous mode the mail goes thru. I have the following rules for POP
input/output:

EXTERNAL_INTERFACE="eth1"
LOCAL_INTERFACE_1="eth0"
IPADDR="my.ip.adress"
LOCALNET_1="192.168.1.0/24"
UNPRIVPORTS="1024:65535"

# POP client (110)
# ----------------
ipchains -A output -i $EXTERNAL_INTERFACE -p tcp  \
-s $IPADDR $UNPRIVPORTS \
-d mypop.server.com 110 -j ACCEPT 

ipchains -A input  -i $EXTERNAL_INTERFACE -p tcp ! -y \
-s mypop.server.com 110 \
-d $IPADDR $UNPRIVPORTS -j ACCEPT 

ipchains -A output -i $EXTERNAL_INTERFACE -p tcp  \
-s $IPADDR $UNPRIVPORTS \
-d pop.dnvr.uswest.net 110 -j ACCEPT 

ipchains -A input  -i $EXTERNAL_INTERFACE -p tcp ! -y \
-s pop.dnvr.uswest.net 110 \
-d $IPADDR $UNPRIVPORTS -j ACCEPT 

This problem has plagued me for a long time. Is there anything special that
needs to be done for mail to be sent thru? Any ideas?

Justin 

____________________________________________________________________
Get your own FREE, personal Netscape WebMail account today at http://webmail.netscape.com.




More information about the LUG mailing list