• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 251
  • Last Modified:

Speedstream 5861 and MS Exchange

Running MS Exchange on SBS 2000 server, using Speedstream 5861. External address of router is different than Exchange server MX record. Server receives email just fine, but outgoing email hangs in the SMTP queue until the drop rules are deleted.

Can anyone tell me what I did wrong?

Config:

# rem ipfilter list internet
# watching for dropped/rejected packets is OFF

# Begin rules for input list
remote ipfilter flush  input internet
remote ipfilter insert 1 input accept -c 63314 -p tcp -sp 80 internet
remote ipfilter insert 2 input accept -c 3633 -p tcp -sp 443 internet
remote ipfilter insert 3 input accept -c 0 -p udp -sp 123 internet
remote ipfilter insert 4 input accept -c 0 -p tcp -sp 23 internet
remote ipfilter insert 5 input accept -c 2767 -p udp -sp 53 internet
remote ipfilter insert 6  input accept -c 584 -p tcp -sp 25 internet
remote ipfilter insert 7 input accept -c 499 -p tcp -da 64.20.112.170 -dp 25 int
ernet
remote ipfilter insert 8  input accept -c 1425 -p tcp -sp 110 internet
remote ipfilter insert 9  input accept -c 435 -p tcp -da 64.20.112.170 -dp 110 i
nternet
remote ipfilter insert 10 input drop -c 410 internet
# End rules for input list

# Begin rules for output list
remote ipfilter flush  output internet
remote ipfilter insert 1 output accept -c 56299 -p tcp -dp 80 internet
remote ipfilter insert 2 output accept -c 3301 -p tcp -dp 443 internet
remote ipfilter insert 3 output accept -c 0 -p udp -dp 123 internet
remote ipfilter insert 4 output accept -c 6 -p tcp -dp 23 internet
remote ipfilter insert 5 output accept -c 2834 -p udp -dp 53 internet
remote ipfilter insert 6  output accept -c 482 -p tcp -dp 25 internet
remote ipfilter insert 7 output accept -c 364 -p tcp -sa 64.20.112.170 -sp 25 in
ternet
remote ipfilter insert 8  output accept -c 816 -p tcp -dp 110 internet
remote ipfilter insert 9  output accept -c 10 -p tcp -sa 64.20.112.170 -sp 110 i
nternet
remote ipfilter insert 10 output drop -c 239 internet
# End rules for output list

# Begin rules for forward list
remote ipfilter flush  forward internet
# End rules for forward list
0
Quetzal
Asked:
Quetzal
1 Solution
 
QuetzalAuthor Commented:
Doh!  A couple of very good tech spt people from Efficient came to my rescue (thanks Jane and Steve).  Thought I would post the answer in case it helps someone else.

Turns out I needed to enable DNS via TCP port 53 in addition to UDP port 53.

Live and learn.
0
 
moduloCommented:
PAQ'd and points refunded

modulo

Community Support Moderator
Experts Exchange
0

Featured Post

[Webinar] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now