[ previous ] [ next ] [ threads ]
 
 From:  Chris Buechler <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] smtp firewalls rules
 Date:  Sun, 13 Nov 2005 21:30:38 -0500
On 11/12/05, Claudio Castro <ccastro at unr dot edu dot ar> wrote:
> I have a simple question, I was checking my firewall logs when I saw
> that there was a lot of traffic been blocked, the interface WAN, source
> was e.g. hotmail, the source port 25, destination my mail server,
> destination port was random (e.g.32612).
> Now, whats happening here?
>

packets get duplicated or come in after the particular state has been
torn down and they get dropped because they aren't within the state
table anymore.

see:  http://doc.m0n0.ch/handbook/faq-legit-traffic-dropped.html

> should I accept traffic from internet with
> source port 25?
>

no.


> why is hotmail sending traffic with the source 25 to my
> mail server?
>

reply packets to your outbound SMTP traffic to Hotmail.

-Chris