On Tuesday 17 February 2004 9:20 pm, Corey Furman wrote:

> When I enabled these rules, but then sendmail (on the same box) started
> timing out talking to other mail servers. Does anyone see why?

Yes. Your first INPUT rule blocks all TCP packets coming in to ports in the range 11001 to 65535 (why do you have this rule?). That means on average there's an 85% chance that any connection from this machine will not be able to receive a response, depending on the source port it chooses to communicate from.

By the way, I'd just like to comment that it's not a good idea to run sendmail (or any other application for that matter) on your firewall.

Regards,

Antony.

-- 
Documentation is like sex. When it's good, it's very very good. When it's bad, it's still better than nothing.

Please reply to the list; please don't CC me.
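
The effect described in the reply above, as an added example that is not part of the original message: a toy model of a port-range INPUT drop applied statelessly, next to the same rule preceded by a connection-tracking check. The ephemeral source-port range 1024-65535, the class and function names, and the sample addresses are assumptions made for illustration.

```python
# Added illustration: stateless port-range drop vs. a connection-tracking check.
# The blocked range comes from the message; everything else is assumed.

BLOCK_LO, BLOCK_HI = 11001, 65535   # destination ports dropped by the INPUT rule
EPHEMERAL = range(1024, 65536)      # assumed source ports for outbound connections


def stateless_input(dport):
    """Return True if an inbound TCP packet to dport passes the port rule."""
    return not (BLOCK_LO <= dport <= BLOCK_HI)


def blocked_fraction(ports=EPHEMERAL):
    """Fraction of outbound connections whose replies the port rule drops."""
    blocked = sum(1 for p in ports if not stateless_input(p))
    return blocked / len(ports)


class StatefulInput:
    """Accept replies to connections this host opened, then apply the port rule."""

    def __init__(self):
        self.established = set()    # (local_port, remote_ip, remote_port)

    def outbound(self, sport, dst_ip, dst_port):
        # Record the flow when the host itself opens a connection.
        self.established.add((sport, dst_ip, dst_port))

    def inbound(self, src_ip, src_port, dport):
        # A reply matches a recorded flow with source and destination swapped.
        if (dport, src_ip, src_port) in self.established:
            return True
        return stateless_input(dport)


if __name__ == "__main__":
    print(f"replies dropped by the stateless rule: {blocked_fraction():.1%}")

    fw = StatefulInput()
    fw.outbound(40000, "192.0.2.25", 25)            # constructed SMTP connection
    print("stateless, reply to port 40000:", stateless_input(40000))
    print("stateful, reply to port 40000: ", fw.inbound("192.0.2.25", 25, 40000))
    print("stateful, unsolicited packet:  ", fw.inbound("198.51.100.7", 25, 40000))
```

Under the assumed range, 54535 of 64512 possible source ports fall inside the blocked range, which matches the roughly 85% quoted above.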