Re: [suse-security] Incoming SMTP port filtering options with IPCHAINS
At 01:49 PM 19/01/2001 +0200, you wrote:
Hi All
What are the best options for filtering incoming Packets on the SMTP port with IPCHAINS (I know they are limited) , but still allowing the service to receive mail. Postfix is my MTA.
IPCHAINS is NOT an application level firewall, and as such does not understand the SMTP protocol. You either allow port 25 or you don't, you can enable/disable certain commands like Gauntlet Firewall can for instance. I was talking to Rusty (the Ipchains/netfilter programer) about this yesterday, and he is thinking of writing for application level stuff for netfilter, but it has not been done yet... Hope that Helps --- Nix - nix@susesecurity.com SuSE-Security FAQ Maintainer http://www.susesecurity.com
At 12:24 AM 22/01/2001 +1100, you wrote:
At 01:49 PM 19/01/2001 +0200, you wrote:
Hi All
What are the best options for filtering incoming Packets on the SMTP port with IPCHAINS (I know they are limited) , but still allowing the service to receive mail. Postfix is my MTA.
IPCHAINS is NOT an application level firewall, and as such does not understand the SMTP protocol. You either allow port 25 or you don't, you can enable/disable
OOPS.. That should be CAN'T
certain commands like Gauntlet Firewall can for instance. I was talking to Rusty (the Ipchains/netfilter programer) about this yesterday, and he is thinking of writing for application level stuff for netfilter, but it has not been done yet...
Hope that Helps
--- Nix - nix@susesecurity.com SuSE-Security FAQ Maintainer http://www.susesecurity.com
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
--- Nix - nix@susesecurity.com SuSE-Security FAQ Maintainer http://www.susesecurity.com
participants (1)
-
Nix