* Jimmy <squid@xxxxxxxxxx> 11. Jun 05: > Hello, Hi, > Jun 11 12:25:40 bogus kernel: Dropped Out Rule: IN= OUT=eth0 > SRC=212.100.249.100 DST=137.149.3.22 LEN=75 TOS=0x00 PREC=0x00 TTL=64 > ID=27797 DF PROTO=TCP SPT=25 DPT=34934 WINDOW=1448 RES=0x00 ACK PSH FIN > URGP=0 > > I am not sure what should be going out with a source port of 25 and a > destination port that is so high. I thought that an outgoing connection > from the server should be established with a high source port and a low > (service) destination port?. It's not an outgoing one, it's a FIN packet, that tries to close an already established connection. Check your MTA, AFAICS it binds to the external interface and accepts connections from the internet. Check your input rules too. > I am trying to work out if that rule would be resulting in a drop in > email. Im not seeing any OUTBOUND email in the queue.. IIRC MTAs delivering mail should connect from a high port. In all cases the connection will go to port 25, not to a high port as in your log snippet. HTH, regards, Frank. -- Sigmentation fault
