[Shorewall-users] ProxyArp Implementation check

Graeme Boyle g.boyle3 at verizon.net
Thu Dec 4 09:49:39 PST 2003

Sounds like a sendmail configuration setting on your mail server. The
default sendmail configuration is to listen to the localhost. Check your
sendmail.cf file for this:

# SMTP daemon options

O DaemonPortOptions=Port=smtp,Addr=, Name=MTA

And change the "Addr" to the correct IP address or remove this option


> -----Original Message-----
> From: shorewall-users-bounces at lists.shorewall.net 
> [mailto:shorewall-users-bounces at lists.shorewall.net] On 
> Behalf Of Ama Kalu
> Sent: Thursday, December 04, 2003 9:29 AM
> To: shorewall-users at lists.shorewall.net
> Subject: [Shorewall-users] ProxyArp Implementation check
> Dear All,
> I have just implemented ProxyARP with my Mail server behind 
> shorewall. 
> It appears to be working OK as I can both send and receive mails, and
> this server is available to both the NET and my LAN using the same
> public IP. 
> The only port open to the net from shorewall is https (443)
> I have attempted to reach both the Mailserver and the 
> firewall with nmap
> and failed.
> But I have been seeing this in my Mail server logs for the 
> past 24 hours
> since I did this ProxyARP thing.
> "Connection attempt to service SMTP from IP address 
> rejected."
> My question is this;
> Is someone attempting some form of exploit via https on my 
> mail server?
> How did this person go past shorewall? Has anyone any idea 
> what is going
> on?
> Are there other ways of testing that ProxyARP and shorewall 
> are working
> as designed?
> Thanks for your assistance.
> Ama
> _______________________________________________
> Shorewall-users mailing list
> Post: Shorewall-users at lists.shorewall.net
> Subscribe/Unsubscribe: 
> https://lists.shorewall.net/mailman/listinfo/shorewall-users
> Support: http://www.shorewall.net/support.htm
> FAQ: http://www.shorewall.net/FAQ.htm

More information about the Shorewall-users mailing list