[ previous ] [ next ] [ threads ]
 From:  Claudio Castro <ccastro at unr dot edu dot ar>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  smtp firewalls rules
 Date:  Sun, 13 Nov 2005 01:21:13 -0300
I have a simple question, I was checking my firewall logs when I saw 
that there was a lot of traffic been blocked, the interface WAN, source 
was e.g. hotmail, the source port 25, destination my mail server, 
destination port was random (e.g.32612).
Now, whats happening here? should I accept traffic from internet with 
source port 25? why is hotmail sending traffic with the source 25 to my 
mail server?


Here a copy of my logs:

	01:10:51.272485 	DMZ <?if=DMZ>, port 35614 <?sp=35614>, port 25 <?dp=25> 	TCP <?pr=TCP>
<?act=b> 	01:10:53.964444 	WAN <?if=WAN>, port 25 
<?sp=25>, port 35612 <?dp=35612> 	TCP <?pr=TCP>