ahhh... my bad.... I don't even see a HELO/EHLO message.... the reply from my server on an initial message from a delivering mailserver gets blocked by m0n0...

> Date: Mon, 1 Jan 2007 16:26:56 -0600
> From: rmullins at ciscomonkey dot net
> To: elgerb at hotmail dot com
> CC: m0n0wall at lists dot m0n0 dot ch
> Subject: Re: [m0n0wall] port 25
>
> If you are seeing the HELO/EHLO coming from the other mail server, then there is not an
> issue with your m0n0 setup. To test it to make sure, you can actually just use telnet to
> emulate a connection from a mail server. Here's an example that I did with my mail server:
>
> $ telnet mail.ciscomonkey.net 25
>
> 220 mail.ciscomonkey.net ESMTP Postfix
> helo mail.example.net
> 250 mail.ciscomonkey.net
> mail from: externalemailuser at example dot net
> 250 2.1.0 Ok
> rcpt to: rmullins at ciscomonkey dot net
> 250 2.1.5 Ok
> data
> 354 End data with <CR><LF>.<CR><LF>
> This is just a test message from outside.
> .
> 250 2.0.0 Ok: queued as 18A6790CCDB
> quit
> 221 2.0.0 Bye
>
> Connection to host lost.
>
> * e+p <elgerb at hotmail dot com> [2007-01-01 19:52:31]:
>
> > I think I didn't make it quite clear what the issue is...
> > Sending mail is no problem (so outgoing traffic on port 25 is no issue).
> > Incoming mail (incoming on port 25) is an issue: the signal comes in over port 25,
> > gets to my mailserver (port 25), my mailserver sends a reply (I guess something like EHLO)
> > from port 25 to the mail-sending server -> -that- message gets blocked by the firewall... :S
> >
> > > Date: Mon, 1 Jan 2007 18:16:54 +0200
> > > From: kimmo dot jaskari at gmail dot com
> > > To: m0n0wall at lists dot m0n0 dot ch
> > > Subject: Re: [m0n0wall] port 25
> > >
> > > On 1/1/07, Christoph Hanle <christoph dot hanle at leinpfad dot de> wrote:
> > > > e+p wrote:
> > > > > I can't figure out why external mailservers can't reach my mailserver.
> > > > > I've forwarded port 25 to the internal IP address of my mailserver (the NAT & rule).
> > > > > But when I look in the logging, port 25 seems to be natted to my mailserver, but when
> > > > > my mailserver replies, the reply is being blocked by the firewall.
> > > > > It doesn't make a difference if I add a rule to allow traffic from internal
> > > > > mailserver port 25 to any IP address/any port. Can anyone help me out?? TIA
> > > >
> > > > Error, you have a misunderstanding of source and destination port.
> > > > The destination port is always port 25, so you need an outgoing rule
> > > > like: allow my mailserver TCP all to port 25 TCP, address 0.0.0.0.
> > >
> > > In fact you need rules to allow traffic on port 25 both in and out. In
> > > addition, you might want to add port 587, the "submission" port.
> > >
> > > If you're on a (home) DSL or cable, keep in mind that some ISPs do
> > > block traffic on port 25 these days to keep down the spam and virus
> > > floods that propagate themselves via mail. You can always try the
> > > tried-and-true approach of using telnet to connect to an external
> > > mailserver on port 25 to see if you get a response. The block may not
> > > be in your firewall, that is, it may be externally imposed by your
> > > ISP.
> > >
> > > --
> > > -{ Kimmo Jaskari }--{ kimmo dot jaskari at gmail dot com }--
> > >
> > > "In the beginning the Universe was created. This made a lot of people
> > > very angry and has been widely regarded as a bad move."
> > > - "Hitchhikers Guide", Douglas Adams
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
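
The telnet check suggested in the quoted reply, scripted so that it reports the stage at which an inbound SMTP session stops (TCP connect, 220 banner, or HELO). This is an added example, not part of the original thread; `probe_smtp`, `read_reply`, `start_stub_server` and the name `mail.example.net` are assumptions, and the stub server is a constructed local stand-in so the code runs offline.

```python
import socket
import threading

def read_reply(f):
    """Read one SMTP reply, skipping continuation lines such as '250-...'."""
    while True:
        line = f.readline().decode("ascii", "replace").rstrip("\r\n")
        if len(line) < 4 or line[3] != "-":
            return line  # final line of the reply, or "" if the peer closed

def probe_smtp(host, port=25, helo_name="mail.example.net", timeout=5.0):
    """Return (stage, detail) showing how far an inbound SMTP session gets."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except socket.timeout:
        return ("connect", "timed out: SYN or SYN/ACK dropped on the path")
    except ConnectionRefusedError:
        return ("connect", "refused: host reachable, port closed or rejected")
    except OSError as exc:
        return ("connect", str(exc))
    stage = "banner"
    with sock, sock.makefile("rb") as f:
        try:
            banner = read_reply(f)
            if not banner.startswith("220"):
                return (stage, banner or "closed before banner")
            sock.sendall(f"HELO {helo_name}\r\n".encode("ascii"))
            stage = "helo"
            reply = read_reply(f)
            if not reply.startswith("250"):
                return (stage, reply or "closed after HELO")
            sock.sendall(b"QUIT\r\n")
            return ("ok", banner)
        except socket.timeout:
            return (stage, "connected, but the server's reply never arrived")
        except ConnectionError as exc:
            return (stage, str(exc))

def start_stub_server(banner=b"220 mail.example.net ESMTP stub"):
    """Constructed local stand-in for a mail server; returns its port."""
    srv = socket.create_server(("127.0.0.1", 0))
    def serve():
        conn, _ = srv.accept()
        with conn, conn.makefile("rb") as f:
            conn.sendall(banner + b"\r\n")
            if f.readline():  # the client's HELO line
                conn.sendall(b"250 mail.example.net\r\n")
                f.readline()  # the client's QUIT line
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]
```

Run from a host outside the firewall, `probe_smtp("your.public.address")` separates a connect timeout (filtered before the session starts, by the firewall or the ISP) from a session that connects but never receives the banner.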