What are the Linux firewall rules for only email data and is there a way for Linux to control <br><br><br>unsolicited mail?
Posted on 2002-04-24
MY LINUX SERVER IS AN INTERMEDIARY BETWEEN THE INTERNET AND MY INTERNAL NETWORK. IT USES A NIC TO CONNECT TO THE INTERNET AND A SECOND NIC TO CONNECT TO THE INTERNAL NETWORK. INBOUND MAIL COMES IN FROM THE INTERNET TO THE LINUX SERVER WHICH IS THE DEFINED EMAIL SERVER ON THE INTERNIC. THE LINUX SERVER THEN ROUTES ALL MAIL WITH THE DOMAIN ADDRESS TO THE INTERNAL NETWORK TO A WINNT SERVER WHICH HAS MS EXCANGE SERVER 5.5.
OUTBOUND MAIL IS RECEIVED BY THE INTERNAL EXCHANGE SERVER AND ROUTED TO THE LINUX SERVER WHICH SENDS IT OUT TO THE INTERNET.
ALL THE ABOVE WORKS WELL EXCEPT WHEN I ENABLE THE IPCHAINS RULES AS DESCRIBED BELOW NO MAIL IS TRANSFERRED IN EITHER DIRECTIONS.
IT SEEMS THAT THE RULES NEED TO CHANGE FOR THE SCENARIO DESCRIBED ABOVE. I HAVE TRIED MANY COMBINATIONS OF RULES TO CONFIGURE IT TO ACCEPT ONLY MAIL AND TO BLOCK ALL OTHER SERVICES BUT THE MAIL IS STILL ONLY QUEUED AND NOT SENT.
With the ipchains firewall rules mail is not being relayed in any direction. If all my outbound mail is routed to my Linux server from one internal server shouldn't this be factored in the firewall rules?
The iptables options did not work maybe I don't have it enabled.
The ipchains options worked. I then enabled IP forwarding.
Subsequently I could not browse on the Internet or even ping the server which is fine! However, I rebooted and then I could browse again from the server. Does rebooting reset the ipchain settings? If so, do I need to reapply the commands?
This Linux server is intended only to route mail (pass thru). However, I would like to configure the Linux firewall to block all other types of connections and data and would like to know where and how to configure Linux to achieve that.