On Mon, May 24, 2004 at 01:29:57PM +0100, Jonathon McKitrick wrote: > > This is probably a simple question with a simple answer, but I wasn't sure > where to look. > > I recently installed a deny-all firewall and everything is working fine. > However, I keep getting /kernel log messages about attempts to connect to > port 25. Are these just various processes trying to mail their results to > root, but can't because of the firewall? Or maybe cron doing the same thing? > > May 24 08:00:00 neptune /kernel: Connection attempt to TCP 127.0.0.1:25 from > 127.0.0.1:1101 flags:0x02 > May 24 08:00:00 neptune /kernel: Connection attempt to TCP 127.0.0.1:25 from > 127.0.0.1:2270 flags:0x02 > May 24 08:05:00 neptune /kernel: Connection attempt to TCP 127.0.0.1:25 from > 127.0.0.1:4230 flags:0x02 > May 24 08:10:00 neptune /kernel: Connection attempt to TCP 127.0.0.1:25 from > 127.0.0.1:2687 flags:0x02 > May 24 08:15:00 neptune /kernel: Connection attempt to TCP 127.0.0.1:25 from > 127.0.0.1:3274 flags:0x02 > May 24 08:20:00 neptune /kernel: Connection attempt to TCP 127.0.0.1:25 from > 127.0.0.1:1542 flags:0x02 > May 24 08:25:00 neptune /kernel: Connection attempt to TCP 127.0.0.1:25 from > 127.0.0.1:3652 flags:0x02
If you're using sendmail, that the client mail submission instance
trying to hand off a message to the MTA instance. If you type
# mailq -Ac
you should be able to see what been queued up.
You will have to alter your firewalling to allow TCP connections
localhost:any -> localhost:smtp in order to get e-mail working on that
machine.
Cheers,
Matthew
--
Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks
Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey Marlow
Tel: +44 1628 476614 Bucks., SL7 1TH UK
pgpmbtB1O9Fod.pgp
Description: PGP signature
