Title: Cannot Block Port 25
Post by: artilheiro.mz on Thursday 20 September 2012, 06:33:38 pm

Hello,
this is my first experience with EFW. My mailserver public IP is currently being listed on a lot of anti-spam blocklists, and when I searched for the motives, it seems that all of the PCs of my network could communicate outside using port 25. I then forgot the most common rule to apply to a firewall: block all ports and only open outgoing ports for what you need. So then I opened the most common ports I used, and specified that my mailserver IP communicated to port 25, and created a rule on the bottom of the priority list to block all other outgoing ports from my network to the internet.

The thing is, I can still telnet from my network PC to some other company's SMTP. I even tried adding a rule after the outgoing port 25 on my server, saying that all outgoing connections to port 25 are rejected, but it still isn't "working". What am I doing wrong?

Please see the attached image of the outgoing configuration of the firewall. I'm using EFW 2.5 community.
imageshack.us/a/img818/5158/efwoutgoing.jpg

Many thanks in advance.

Title: Re: Cannot Block Port 25
Post by: fqureshi on Thursday 20 September 2012, 06:43:10 pm

Add the rule and then turn off outgoing firewall or restart the firewall. What I have experienced just today is that after creating an outgoing rule you have to restart the firewall or disable and enable the outgoing firewall, otherwise it is not applied to running rules.

Title: Re: Cannot Block Port 25
Post by: artilheiro.mz on Thursday 20 September 2012, 07:00:47 pm

I've now added this rule in red
imageshack.us/a/img62/1429/efwoutgoing2.jpg
and rebooted the firewall. I can still telnet from my PC to another SMTP.

But shouldn't the rule marked in blue also be blocking everything else not listed? What might I be doing wrong?

Title: Re: Cannot Block Port 25
Post by: endianupdate on Friday 21 September 2012, 12:49:32 am

You do not need rules 6 or 15 in your image as anything not specifically allowed will be denied automatically by the Endian firewall.

To troubleshoot what is happening, start from the beginning:

Disable all outbound firewall rules and apply, turn on 'Log accepted outgoing connections' on the Firewall > Outgoing Traffic screen (also check the outgoing firewall is enabled :) )

Now open the firewall log, Logs > Firewall Live Log.

Try to telnet to an external SMTP server and check the firewall logs; you should see an entry like:

FORWARD:DROP TCP (br0) ,<pc ip>:55198 -> <server ip>:25 (eth3)

Now start enabling your outgoing firewall rules ONE at a time and try connecting to the external SMTP after every change; this will allow you to see which rule is allowing your outbound SMTP connection.

Hope this helps.

Title: Re: Cannot Block Port 25
Post by: artilheiro.mz on Thursday 27 September 2012, 08:11:09 pm

Well, I now tried deleting every rule there, and started adding each one from scratch.
Problem solved. Here is how it is done at the moment:
imageshack.us/a/img189/9015/efwoutgoing3.jpg

It's working now :D
Thank you all.
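
One way to automate the log check endianupdate describes, added here as an example and not code from the thread or from Endian: it parses lines in the shape of the quoted log entry and lists internal hosts other than the mail server whose port 25 connections were not dropped. The sample lines, the addresses and the ACCEPT verdict string are constructed assumptions; the thread only shows a DROP entry.

```python
import re
from collections import defaultdict

# Line shape taken from the log entry quoted in the thread:
#   FORWARD:DROP TCP (br0) ,<pc ip>:55198 -> <server ip>:25 (eth3)
LINE_RE = re.compile(
    r"(?P<chain>[A-Z_]+):(?P<verdict>[A-Z]+)\s+(?P<proto>\w+)\s+"
    r"\((?P<in_if>[^)]*)\)\s*,\s*(?P<src>[\d.]+):(?P<sport>\d+)\s*->\s*"
    r"(?P<dst>[\d.]+):(?P<dport>\d+)\s+\((?P<out_if>[^)]*)\)"
)

BLOCKED = {"DROP", "REJECT"}  # any other verdict is treated as "let through"


def smtp_leaks(lines, mail_server, port=25):
    """Map each source IP (other than mail_server) to the destinations it
    reached on `port` with a verdict that is not DROP/REJECT."""
    leaks = defaultdict(list)
    for line in lines:
        m = LINE_RE.search(line)
        if not m or m["proto"].upper() != "TCP" or int(m["dport"]) != port:
            continue  # unparseable line, or not TCP to the watched port
        if m["verdict"] in BLOCKED or m["src"] == mail_server:
            continue  # blocked as intended, or the one host allowed to send
        leaks[m["src"]].append((m["chain"], m["verdict"], m["dst"]))
    return dict(leaks)


# Constructed sample lines (not from a real firewall). The ACCEPT verdict
# string is an assumption; adjust it to what your live log actually prints.
SAMPLE = [
    "FORWARD:DROP TCP (br0) ,192.168.1.23:55198 -> 203.0.113.10:25 (eth3)",
    "FORWARD:ACCEPT TCP (br0) ,192.168.1.5:40112 -> 203.0.113.10:25 (eth3)",
    "FORWARD:ACCEPT TCP (br0) ,192.168.1.42:51544 -> 198.51.100.7:25 (eth3)",
    "FORWARD:ACCEPT TCP (br0) ,192.168.1.42:51560 -> 198.51.100.7:443 (eth3)",
    "FORWARD:ACCEPT UDP (br0) ,192.168.1.42:5353 -> 198.51.100.7:25 (eth3)",
    "garbled line that does not match",
]

if __name__ == "__main__":
    # Mail server address below is a constructed placeholder.
    for src, hits in smtp_leaks(SAMPLE, mail_server="192.168.1.5").items():
        for chain, verdict, dst in hits:
            print(f"{src} reached {dst}:25 via {chain}:{verdict}")
```

Run it after each rule is re-enabled: the first rule whose activation makes a non-mail-server host appear in the result is the one letting outbound SMTP through.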