  1. #1


    Firewall rule help

    Hi

    I set these outgoing rules in our firewall:-

    ALLOW ALL USERS PORT 53(DNS) WAN 208.67.220.220
    ALLOW ALL USERS PORT 53(DNS) WAN 208.67.200.200
    BLOCK ALL USERS PORT 53(DNS)

    This had the desired effect of only allowing people internet access using the OpenDNS DNS servers.

    The problem I had is that no one was getting any emails from the Exchange server. As soon as I took the rules off, all emails came through.

    What do I need to change to allow the emails to work?

    Thanks

  2. #2

    Do you mean outbound or inbound email?

    Assuming your Exchange server could not send mail out, do you have your Exchange server SMTP set to deliver directly via DNS or via an upstream SMTP server? If you have it set to deliver directly using DNS and have different DNS servers manually configured on the Exchange server, I'd have thought this was nobbling all its lookups...

  3. #3

    Inbound email was stopped and I will have to check if the outgoing email gets affected by the rules. I'll post back this evening once I have checked.

  4. #4


    tom_newton
    Run Wireshark somewhere and find out what Exchange is trying to do - in fact, should be easier in your firewall logs...

  5. #5

    Originally Posted by IA76:
    Inbound email was stopped and I will have to check if the outgoing email gets affected by the rules. I'll post back this evening once I have checked.
    Are you running Exchange 'properly' or using a catchall/POP3? Any situation where the Exchange server has to look up then make an outbound connection - e.g. to pick up POP3 mail then distribute - would also be affected if your DNS settings on the server are for an external DNS which isn't the OpenDNS ones.

  6. #6

    ZeroHour
    Why are you letting all users out to their DNS? Won't the clients point to your internal DNS?
    Does your Exchange point to your internal DNS?
    Have you set up the DNS forwarding for your internal DNS?
    What version of Exchange?
    Is your Exchange your SMTP?
    What firewall?
    IIRC Exchange does a reverse lookup of the incoming IP's connection as well as a few other checks for IMF so it would need some sort of forwarding.
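
An added example, not part of any post in the thread: one way to follow the firewall-log suggestion in post #4 is to replay logged flows against the three outgoing rules from the first post and list which internal hosts have DNS queries hitting the BLOCK rule. The log format, the internal addresses and the non-OpenDNS resolver addresses are constructed for illustration, since the thread does not identify the firewall.

```python
import ipaddress
from collections import Counter

# Resolvers allowed by the first two rules in the thread; rule 3 blocks all other port 53.
ALLOWED_RESOLVERS = {ipaddress.ip_address(a) for a in ("208.67.220.220", "208.67.200.200")}

# Constructed sample log in a made-up "time src dst proto dport" format (assumption:
# real firewalls log differently, so adapt parse_line to the product in use).
SAMPLE_LOG = """\
09:00:01 192.168.1.20 208.67.220.220 udp 53
09:00:02 192.168.1.10 198.51.100.53 udp 53
09:00:02 192.168.1.10 198.51.100.53 tcp 53
09:00:03 192.168.1.10 203.0.113.25 tcp 25
09:00:04 192.168.1.31 192.0.2.8 udp 53
malformed line
09:00:05 192.168.1.10 198.51.100.53 udp 53
"""

def parse_line(line):
    """Return (src, dst, proto, dport), or None for lines that do not parse."""
    parts = line.split()
    if len(parts) != 5:
        return None
    try:
        return (ipaddress.ip_address(parts[1]), ipaddress.ip_address(parts[2]),
                parts[3].lower(), int(parts[4]))
    except ValueError:
        return None

def verdict(dst, dport):
    """First-match evaluation of the three outgoing rules from the first post."""
    if dport == 53 and dst in ALLOWED_RESOLVERS:
        return "ALLOW"       # rules 1 and 2
    if dport == 53:
        return "BLOCK"       # rule 3
    return "NO-MATCH"        # not a DNS flow; decided by other policy

def blocked_dns_by_source(log_text):
    """Count blocked DNS flows per (internal source, attempted resolver) pair."""
    hits = Counter()
    for line in log_text.splitlines():
        flow = parse_line(line)
        if flow and verdict(flow[1], flow[3]) == "BLOCK":
            hits[(str(flow[0]), str(flow[1]))] += 1
    return hits

if __name__ == "__main__":
    for (src, dst), n in blocked_dns_by_source(SAMPLE_LOG).most_common():
        print(f"{src} -> {dst}:53 blocked {n} time(s)")
```

A host that shows up here is configured with a resolver other than the two allowed ones; if it is the mail server, that matches the lookup failure the replies describe.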
