> Do you have any issues or do the drops result in errors on the
> mailserver and or in the communication ?
I had some issues where postfix complained about "Tempory alias lookup
failures" while connecting to the ldap server. but they seem to have
disappered by now...still, I have an insecure feeling about this since
this server's gonna be our productive mailserver...
Jeroen Visser wrote:
> See this in the manual page.
> I had a hard time accepting/believing this, but as for now, all drops I got did
> not result in any network issues. So it must be true. ;-)
> Do you have any issues or do the drops result in errors on the mailserver and or
> in the communication ?
> On Tue, 26 Sep 2006 10:49:00 +0200, Reto Buerki wrote
>> Hi List
>> I have a problem regarding a mailserver inside my DMZ (sis2). the
>> mailserver retrieves the data for user auth over LDAP (secured with
>> TLS). I created a rule to allow this specific kind of traffic:
>> <escr>Allow LDAP from mailx to pdc</descr>
>> Every day I have entries in my log like these:
>> 300:1 p sis2 1952 tcp packets from 192.168.X.X to 172.24.Y.Y port 389
>> 0:17 b sis2 78 tcp packets from 192.168.0.5 to 172.24.X.X port 389 (ldap)
>> why are there some packets blocked? I explicitly allowed these kind of
>> packets to pass....
>> the detailled packets look like this:
>> Sep 26 09:27:35 172.24.Y.Y ipmon: 09:27:35.872910 sis2 @300:1 p
>> 192.168.Y.Y,54979 -> 172.24.X.X,389 PR tcp len 20 60 -S K-S IN
>> Sep 26 08:50:38 172.24.Y.Y ipmon: 08:50:38.256087 sis2 @0:17 b
>> 192.168.Y.Y,39282 -> 172.24.X.X,389 PR tcp len 20 52 -AR IN
>> I just want to make sure this behavior is intended and normal before
>> this server becomes our production server.
>> Thanks for your help
>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
secunet SwissIT AG
CH - 4501 Solothurn
E-Mail: buerki at swiss dash it dot ch
Tel.: + 41 32 625 80 45
Fax: + 41 32 625 80 41
>---- PGP Fingerprint
752C 4EBC 115D 5EAD 75F7
0F34 A0AE 8AD7 3DC3 59DE