DOS Attack :( Resolved

[Pete]

Thanks you KINDLY to those who took the time to read my many posts, that
i now realize were poorly formatted and made it difficult for the kind
souls of this list to assist me. My apologies, and thanks.

The problem, as suggested by more than one person was our firewall.

Our firewall is a watchguard firebox that is managed by our IT guy in
another campus, he is no networking guru, he made a change and for
reasons he cannot explain, my mailservers acquired buggered up DNS
access. I had checked with him 3 times yesterday to get him to double
check that i had DNS access, he assured me i did. This morning i asked
him to make a rule to allow any in/out traffic to mail servers while i
tested and they instantly began working, he fixed from there.

Still even after 'rectification' RBLs fail intermittently, but mail does
get processed, but very slowly.

He has explicitly given access to these server to the following ports,
anything we have we dont need to run MS and SA, or anything extra we
should have turned on?. (i plan to turn on dcc, pyzor and razor2 after
this mess is sorted)

Outbound
tcp   7
udp   6277
udp   24441
tcp   2703
tcp   53
udp   53
tcp   25 + inbound
tcp   80 + inbound
tcp    445
udp    445