[Shorewall-users] ProxyArp Implementation check

Ama Kalu ama.kalu at cwlgroup.net
Thu Dec 4 17:20:30 PST 2003


Graeme,

This is not sendmail. This is Kerio Mail server 5 running on Windows XP

Ama

>-----Original Message-----
>From: shorewall-users-bounces at lists.shorewall.net
[mailto:shorewall-users-
>bounces at lists.shorewall.net] On Behalf Of Graeme Boyle
>Sent: Thursday, December 04, 2003 3:50 PM
>To: 'Mailing List for Experienced Shorewall Users'
>Subject: RE: [Shorewall-users] ProxyArp Implementation check
>
>Sounds like a sendmail configuration setting on your mail server. The
>default sendmail configuration is to listen to the localhost. Check
your
>sendmail.cf file for this:
>
># SMTP daemon options
>
>O DaemonPortOptions=Port=smtp,Addr=127.0.0.1, Name=MTA
>
>And change the "Addr" to the correct IP address or remove this option
>completely.
>
>Graeme
>
>> -----Original Message-----
>> From: shorewall-users-bounces at lists.shorewall.net
>> [mailto:shorewall-users-bounces at lists.shorewall.net] On
>> Behalf Of Ama Kalu
>> Sent: Thursday, December 04, 2003 9:29 AM
>> To: shorewall-users at lists.shorewall.net
>> Subject: [Shorewall-users] ProxyArp Implementation check
>>
>> Dear All,
>>
>> I have just implemented ProxyARP with my Mail server behind
>> shorewall.
>>
>> It appears to be working OK as I can both send and receive mails, and
>> this server is available to both the NET and my LAN using the same
>> public IP.
>>
>> The only port open to the net from shorewall is https (443)
>>
>> I have attempted to reach both the Mailserver and the
>> firewall with nmap
>> and failed.
>>
>> But I have been seeing this in my Mail server logs for the
>> past 24 hours
>> since I did this ProxyARP thing.
>>
>> "Connection attempt to service SMTP from IP address 127.0.0.1
>> rejected."
>>
>> My question is this;
>>
>> Is someone attempting some form of exploit via https on my
>> mail server?
>> How did this person go past shorewall? Has anyone any idea
>> what is going
>> on?
>>
>> Are there other ways of testing that ProxyARP and shorewall
>> are working
>> as designed?
>>
>> Thanks for your assistance.
>>
>> Ama
>> _______________________________________________
>> Shorewall-users mailing list
>> Post: Shorewall-users at lists.shorewall.net
>> Subscribe/Unsubscribe:
>> https://lists.shorewall.net/mailman/listinfo/shorewall-users
>> Support: http://www.shorewall.net/support.htm
>> FAQ: http://www.shorewall.net/FAQ.htm
>>
>
>_______________________________________________
>Shorewall-users mailing list
>Post: Shorewall-users at lists.shorewall.net
>Subscribe/Unsubscribe:
>https://lists.shorewall.net/mailman/listinfo/shorewall-users
>Support: http://www.shorewall.net/support.htm
>FAQ: http://www.shorewall.net/FAQ.htm




More information about the Shorewall-users mailing list