RBL timing out
bnixon
bnixon at NIXTECH.NET
Wed Dec 24 14:44:50 GMT 2003
I had similar problems with both the rdbl's and my virus software.
Iptables can be a stateful firewall (see post from last week) but has to
be properly set up to do so. All of my firewall problems went away when
I did this and my tables are much smaller.
Basically stateful means that if the server makes an outside request
then the answer to that request will be allowed back through the
firewall automatically.
I used shorewall firewall and the webmin interface to set this up.
The default single network card template set the firewall up as
stateful by default and all I had to do was open up SMTP and some
management ports.
You would not believe how much smoother things run now.
B Nixon
-----Original Message-----
From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK] On
Behalf Of smhickel
Sent: Tuesday, December 23, 2003 6:51 PM
To: MAILSCANNER at JISCMAIL.AC.UK
Subject: Re: RBL timing out {Scanned by WPPi.Net}
This is a great question. Just this evening I asked myself the same
question. I locked down my mailscanner with IPTABLES and tried to figure
out what port the RDBL's were using and what port the clamav service
used to update itself?
Steve
SW wrote:
>Matt,
>
>Our firewall blocks entire IP blocks with no traffic coming-in or going-out.
>DNS is permitted to go out but only to those IP blocks which are not
>blocked. The only way I see I can get RBL to work is by inputting an IP
>address/range for the ORDB-RBL servers that mailscanner/spamassassin
>contact.
>
>Thanks,
>
>SW
>----- Original Message -----
>From: "Matt Kettler" <mkettler at EVI-INC.COM>
>To: <MAILSCANNER at JISCMAIL.AC.UK>
>Sent: Tuesday, December 23, 2003 4:20 PM
>Subject: Re: RBL timing out {Scanned by WPPi.Net}
>
>
>At 04:08 PM 12/23/2003, SW wrote:
>
>>I'm trying to figure out what ip address and port(s) I need to open up on my
>>firewall to allow the use of ORDB-RBL w/ Mailscanner and spamassassin:
>>
>>MailScanner: RBL Check ORDB-RBL timed out and was killed, consecutive
>>failure 1 of 7
>
>It's a DNS query. You need to be able to do DNS resolution.
>
>If your MS/SA machine is its own resolving server, then it needs to be
>able to query to arbitrary DNS servers.
>
>If your MS/SA machine uses another server for resolution it needs to be
>able to talk to that DNS server, and that DNS server needs to be able to
>talk to query DNS servers.
>
>You can tell what machine is being used as a resolver by looking at
>/etc/resolv.conf. A machine that's its own resolver will have "localhost"
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
MailScanner thanks transtec Computers for their support.
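The thread's two points, that an RBL check is an ordinary DNS query and that a stateful firewall lets the answer back in, worked through as an added example (not code from any poster or from MailScanner). It assumes a host firewall on the MailScanner machine; the zone `dnsbl.example.org`, the sample resolv.conf contents and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample inputs (documentation addresses, placeholder zone).
RESOLV_LOCAL = "search example.net\nnameserver 127.0.0.1\n"
RESOLV_UPSTREAM = "# site resolver\nnameserver 198.51.100.53\n"
ZONE = "dnsbl.example.org"  # placeholder, not a real blocklist

def dnsbl_query_name(ip, zone=ZONE):
    """An RBL check is a DNS A lookup of the reversed IPv4 octets under the list's zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def parse_nameservers(resolv_conf):
    """Return the nameserver entries; comment lines never start with that keyword."""
    servers = []
    for line in resolv_conf.splitlines():
        fields = line.split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            servers.append(fields[1])
    return servers

def is_local(server):
    """True when the entry points at this machine (localhost or a loopback address)."""
    if server == "localhost":
        return True
    try:
        return ipaddress.ip_address(server).is_loopback
    except ValueError:
        return False

def dns_firewall_rules(resolv_conf):
    """iptables rules (as strings) that let RBL lookups out and their answers back in."""
    # Stateful part: replies to requests this host made are accepted automatically.
    rules = ["-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"]
    servers = parse_nameservers(resolv_conf)
    # No nameserver line means the C library falls back to the local machine.
    if not servers or any(is_local(s) for s in servers):
        dests = [""]  # own resolver: must be able to reach arbitrary DNS servers
    else:
        dests = ["-d %s " % s for s in servers]  # only the listed resolvers
    for dest in dests:
        for proto in ("udp", "tcp"):
            rules.append("-A OUTPUT -p %s %s--dport 53 -j ACCEPT" % (proto, dest))
    return rules

if __name__ == "__main__":
    print(dnsbl_query_name("192.0.2.25"))
    for conf in (RESOLV_LOCAL, RESOLV_UPSTREAM):
        print("\n".join(dns_firewall_rules(conf)))
```

When the machine forwards to an upstream resolver, that resolver's own firewall still has to allow it to query arbitrary DNS servers, as described in the quoted reply.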