On 24/12/12 05:41, Mark Ford wrote:
My iptables is correct? - if so, how come the email comes through? I have the
same problem with other /24 netmasks, for example when trying to block mail
from Yell.
I can't see anything wrong either. I'd start debugging by adding
otherwise
> Is the above your complete iptables ruleset? Is this ruleset on the mail
>
> server in question, or on a seperate box? If on a seperate box, is it
>
> acting as a router, are you doing any NAT?
It's all on the same box. It's a complete ruleset except the additional DROP
lines which are identi
No other rules, see next post..
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/572de1d1-09a2-4adb-a3b1-ea1c031f3...@googlegroups.com
On Sun, Dec 23, 2012 at 05:10:45AM -0800, Mark Ford wrote:
> I am hoping someone can help show me where I'm going wrong.
> I have iptables setup in the following way, basically, I am
> using the chain "pests" to drop data from certain IPs.
>
>
> Chain INPUT (policy ACCEPT)
> target prot opt
Do you have an iptables rule somewhere that is allowing smtp?
--
John Hasler
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/87623ssc9u@thumper.dhh.gt.org
I've checked my mainlog and the originating ip appears to be exactly the same
as the email header; 67.228.245.121
Could it be ip spoofing? How would they do that?
Or maybe exim is somehow accepting connections over udp? - I'm clutching at
straws!
Hoping someone can help me solve this. Thank yo
On 23 December 2012 16:41, Mark Ford wrote:
> Here is a shortened version of the output from iptables-save (full version
> simply has more "-A pests" lines).
>
> # Generated by iptables-save v1.4.8 on Sun Dec 23 16:24:43 2012
> *filter
> :INPUT ACCEPT [252417:278747603]
> :FORWARD ACCEPT [0:0]
>
Mark Ford a écrit :
> Here is a shortened version of the output from iptables-save (full version
> simply has more "-A pests" lines).
>
> # Generated by iptables-save v1.4.8 on Sun Dec 23 16:24:43 2012
> *filter
> :INPUT ACCEPT [252417:278747603]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [255016:2
Type: text/plain; charset="UTF-8"
As you can see from the top most Received: line, it gives the ip 67.228.245.121
You can also see my MTA is Exim (no other MTA).
My iptables is correct? - if so, how come the email comes through? I have the
same problem with other /24 netmasks, for example
Hello,
Mark Ford a écrit :
>
> Chain INPUT (policy ACCEPT)
> target prot opt source destination
> pests tcp -- 0.0.0.0/00.0.0.0/0
[...]
> Chain pests (1 references)
> target prot opt source destination
> DROP tcp -- 1.85.17.0/24
I am hoping someone can help show me where I'm going wrong.
I have iptables setup in the following way, basically, I am
using the chain "pests" to drop data from certain IPs.
Chain INPUT (policy ACCEPT)
target prot opt source destination
pests tcp -- 0.0.0.0/0
be assigned to hosts on
> the subnet?(also another was 64.122.34.83 & netmask 255.255.255.240 :( )
>
> i was used to looking at plain netmasks ie 255.255.255.0(ff00) etc
> which I understand fine but my grasp of anything else is less than
> good...
>
> any help
of IP addresses that could be
> assigned to hosts on the subnet?(also another was 64.122.34.83 &
> netmask 255.255.255.240 :( )
>
> i was used to looking at plain netmasks ie 255.255.255.0(ff00) etc
>
> which I understand fine but my grasp of anything else is less
[EMAIL PROTECTED] said:
> Given the hypothetical subnet 136.206.16.128 and netmask 255.255.255.128,
> state the valid range of IP addresses that could be assigned to hosts on
> the subnet?(also another was 64.122.34.83 & netmask 255.255.255.240 :( )
>
> i was used to lookin
hosts on
> the subnet?(also another was 64.122.34.83 & netmask 255.255.255.240 :( )
>
> i was used to looking at plain netmasks ie 255.255.255.0(ff00) etc
> which I understand fine but my grasp of anything else is less than
> good...
>
> any help is appreciated..
mask 255.255.255.240 :( )
i was used to looking at plain netmasks ie 255.255.255.0(ff00) etc
which I understand fine but my grasp of anything else is less than
good...
any help is appreciated..
thanks
Martin.
--
Real programmers don't document. If it was hard to write,
it shoul
hat
> way
> for nearly 2 years. (netmasks have always been a bit of voodoo magic
> for me anyway (see question below)- ack!) However, our IS dept. told
> us to use that subnet mask and additionally delegated us a domain and
> the 4 class C subnets for our testing use. At least
17 matches
Mail list logo
