|
||||||||
On 11/12/05, Claudio Castro <ccastro at unr dot edu dot ar> wrote: > I have a simple question, I was checking my firewall logs when I saw > that there was a lot of traffic been blocked, the interface WAN, source > was e.g. hotmail, the source port 25, destination my mail server, > destination port was random (e.g.32612). > Now, whats happening here? > packets get duplicated or come in after the particular state has been torn down and they get dropped because they aren't within the state table anymore. see: http://doc.m0n0.ch/handbook/faq-legit-traffic-dropped.html > should I accept traffic from internet with > source port 25? > no. > why is hotmail sending traffic with the source 25 to my > mail server? > reply packets to your outbound SMTP traffic to Hotmail. -Chris |