Allowing SMTP to/from Your Firewalls

In this configuration, our firewall (Host-A) is running a local MTA (Mail Transfer Agent). This MTA is responsible for sending and/or receiving e-mail. It is assumed that you have correctly configured your MTA and that it functions when the firewall rules are not loaded. The following example rules allow the SMTP service on the firewall itself, whether it is a host-based or a network-protecting firewall:

Receiving SMTP traffic on Host-A:

 $IPTABLES -A INPUT -p tcp --dport 25 -j ACCEPT

This rule allows inbound SMTP connections on all interfaces. To limit this to a specific interface, for example on a firewall accepting mail only from an internal network, specify the interface as follows:

 # where eth1 is the internal interface
 $IPTABLES -A INPUT -i eth1 -p tcp --dport 25 -j ACCEPT

For allowing outbound SMTP traffic from the firewall, we would use a connection tracking rule as follows:

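 # --sport 25 matches traffic leaving the local MTA's port 25 (its side of inbound sessions);
 # connections the MTA itself opens to remote servers use destination port 25 (--dport 25).
 $IPTABLES -A OUTPUT -p tcp --sport 25 -m state \
       --state NEW,ESTABLISHED,RELATED -j ACCEPT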
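
A stateful variant of the rules above that covers both directions of SMTP for the MTA on Host-A, with NEW permitted only on the side that opens the connection. This is an added example, not taken from the book; the `smtp_rules` function, the `SMTP_IN_IF` variable and the dry-run default for `$IPTABLES` are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the book): stateful SMTP rules for an MTA on the firewall.
# Dry run by default: each rule is printed instead of loaded.
# Set IPTABLES=/sbin/iptables (as root) to load the rules for real.
IPTABLES="${IPTABLES:-echo iptables}"

# smtp_rules [inbound-interface]   (hypothetical helper name)
# With no argument, inbound SMTP is accepted on all interfaces; pass an
# interface such as eth1 to accept mail only from the network behind it.
smtp_rules() {
    in_if="${1:-}"
    case "$in_if" in
        "") in_match="" ;;
        # Refuse anything outside the usual interface-name characters so the
        # unquoted expansion below cannot add extra iptables arguments.
        *[!A-Za-z0-9._+-]*) echo "invalid interface name: $in_if" >&2; return 1 ;;
        *) in_match="-i $in_if" ;;
    esac

    # Inbound sessions to the local MTA: new connections to port 25 ...
    $IPTABLES -A INPUT $in_match -p tcp --dport 25 \
        -m state --state NEW,ESTABLISHED -j ACCEPT
    # ... and only replies (never NEW) leaving from port 25.
    $IPTABLES -A OUTPUT -p tcp --sport 25 \
        -m state --state ESTABLISHED -j ACCEPT

    # Outbound delivery by the local MTA: new connections to remote port 25 ...
    $IPTABLES -A OUTPUT -p tcp --dport 25 \
        -m state --state NEW,ESTABLISHED -j ACCEPT
    # ... and only replies coming back from remote port 25.
    $IPTABLES -A INPUT -p tcp --sport 25 \
        -m state --state ESTABLISHED -j ACCEPT
}

# SMTP_IN_IF is a hypothetical variable: leave it unset for all interfaces.
smtp_rules "${SMTP_IN_IF:-}"
```

Run it once as-is to review the four rules it prints before pointing `IPTABLES` at the real binary.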



    Troubleshooting Linux Firewalls
    ISBN: 321227239
    EAN: N/A
    Year: 2004
    Pages: 169
