23rd July 2008, 10:25 AM #1
Firewall rule help
Hi
I set these outgoing rules in our firewall:-
ALLOW ALL USERS PORT 53(DNS) WAN 208.67.220.220
ALLOW ALL USERS PORT 53(DNS) WAN 208.67.200.200
BLOCK ALL USERS PORT 53(DNS)
This had the desired effect of only allowing people internet access using the OpenDNS DNS servers.
The problem I had is that no one was getting any emails from the Exchange server. As soon as I took the rules off, all emails came through.
What do I need to change to allow the emails to work?
Thanks
-
-
23rd July 2008, 10:43 AM #2
Do you mean outbound or inbound email?
Assuming your Exchange server could not send mail out, do you have your Exchange server SMTP set to deliver directly via DNS or via an upstream SMTP server? If you have it set to deliver directly using DNS and have different DNS servers manually configured on the Exchange server, I'd have thought this was nobbling all its lookups...
-
-
23rd July 2008, 11:24 AM #3
Inbound email was stopped and I will have to check if the outgoing email gets affected by the rules. I'll post back this evening once I have checked.
-
-
23rd July 2008, 11:48 AM #4
Run Wireshark somewhere and find out what Exchange is trying to do - in fact, should be easier in your firewall logs...
-
-
23rd July 2008, 12:01 PM #5
Originally Posted by IA76:
Inbound email was stopped and I will have to check if the outgoing email gets affected by the rules. I'll post back this evening once I have checked.
Are you running Exchange 'properly' or using a catchall/POP3? Any situation where the Exchange server has to look up then make an outbound connection - e.g. to pick up POP3 mail then distribute - would also be affected if your DNS settings on the server are for an external DNS which isn't the OpenDNS ones.
-
-
23rd July 2008, 12:26 PM #6
Why are you letting all users out to their DNS? Won't the clients point to your internal DNS?
Does your Exchange point to your internal DNS?
Have you set up the DNS forwarding for your internal DNS?
What version of Exchange?
Is your Exchange your SMTP?
What firewall?
IIRC Exchange does a reverse lookup of the incoming IP's connection as well as a few other checks for IMF so it would need some sort of forwarding.
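
The replies above suggest that the mail server's own DNS lookups were being dropped by the final BLOCK rule. The following added example (not posted by anyone in the thread) models the three rules from post #1 and lists which internal hosts lose DNS. The first-match rule order, the default action and every host and flow in the sample are assumptions, since the thread never names the firewall or the server's DNS settings.

```python
from ipaddress import ip_address

# The three outbound rules as posted in #1, evaluated top-down, first match wins
# (assumption: the thread never names the firewall or its matching order).
RULES = [
    ("ALLOW", 53, "208.67.220.220"),
    ("ALLOW", 53, "208.67.200.200"),
    ("BLOCK", 53, None),  # None = any destination
]
DEFAULT_ACTION = "ALLOW"  # assumption: other outbound ports were not restricted


def evaluate(dst_ip, dst_port, rules=RULES):
    """Return the action of the first rule matching this outbound flow."""
    for action, port, dst in rules:
        if port == dst_port and (dst is None or ip_address(dst) == ip_address(dst_ip)):
            return action
    return DEFAULT_ACTION


def blocked_dns_by_source(flows, rules=RULES):
    """Map each internal source to the resolvers it queries but cannot reach."""
    blocked = {}
    for src, dst_ip, dst_port in flows:
        if dst_port == 53 and evaluate(dst_ip, dst_port, rules) == "BLOCK":
            blocked.setdefault(src, set()).add(dst_ip)
    return blocked


# Constructed sample flows (source, destination, port); all hosts are hypothetical.
FLOWS = [
    ("10.0.0.50", "208.67.220.220", 53),  # workstation using an allowed resolver
    ("10.0.0.10", "192.0.2.53", 53),      # mail server with a different resolver set manually
    ("10.0.0.10", "198.51.100.25", 25),   # mail server SMTP delivery, not a DNS flow
    ("10.0.0.5", "192.0.2.53", 53),       # internal DNS server forwarding to another resolver
]

if __name__ == "__main__":
    for src, resolvers in sorted(blocked_dns_by_source(FLOWS).items()):
        print(f"{src}: DNS blocked to {', '.join(sorted(resolvers))}")
```

Any host this reports needs either its resolver or forwarder pointed at one of the allowed addresses, or its own ALLOW rule placed above the BLOCK.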