[Shorewall-users] ProxyArp Implementation check

Graeme Boyle g.boyle3 at verizon.net
Thu Dec 4 11:30:52 PST 2003


Ama,

Unfortunately, I do not know the Kerio Mail software. Perhaps someone else
could assist or you could contact them for assistance.

Graeme 

> -----Original Message-----
> From: Ama Kalu [mailto:ama.kalu at cwlgroup.net] 
> Sent: Thursday, December 04, 2003 11:21 AM
> To: g.boyle3 at verizon.net; 'Mailing List for Experienced 
> Shorewall Users'
> Subject: RE: [Shorewall-users] ProxyArp Implementation check
> 
> Graeme,
> 
> This is not sendmail. This is Kerio Mail server 5 running on 
> Windows XP
> 
> Ama
> 
> >-----Original Message-----
> >From: shorewall-users-bounces at lists.shorewall.net
> [mailto:shorewall-users-
> >bounces at lists.shorewall.net] On Behalf Of Graeme Boyle
> >Sent: Thursday, December 04, 2003 3:50 PM
> >To: 'Mailing List for Experienced Shorewall Users'
> >Subject: RE: [Shorewall-users] ProxyArp Implementation check
> >
> >Sounds like a sendmail configuration setting on your mail server. The
> >default sendmail configuration is to listen to the localhost. Check
> your
> >sendmail.cf file for this:
> >
> ># SMTP daemon options
> >
> >O DaemonPortOptions=Port=smtp,Addr=127.0.0.1, Name=MTA
> >
> >And change the "Addr" to the correct IP address or remove this option
> >completely.
> >
> >Graeme
> >
> >> -----Original Message-----
> >> From: shorewall-users-bounces at lists.shorewall.net
> >> [mailto:shorewall-users-bounces at lists.shorewall.net] On
> >> Behalf Of Ama Kalu
> >> Sent: Thursday, December 04, 2003 9:29 AM
> >> To: shorewall-users at lists.shorewall.net
> >> Subject: [Shorewall-users] ProxyArp Implementation check
> >>
> >> Dear All,
> >>
> >> I have just implemented ProxyARP with my Mail server behind
> >> shorewall.
> >>
> >> It appears to be working OK as I can both send and receive 
> mails, and
> >> this server is available to both the NET and my LAN using the same
> >> public IP.
> >>
> >> The only port open to the net from shorewall is https (443)
> >>
> >> I have attempted to reach both the Mailserver and the
> >> firewall with nmap
> >> and failed.
> >>
> >> But I have been seeing this in my Mail server logs for the
> >> past 24 hours
> >> since I did this ProxyARP thing.
> >>
> >> "Connection attempt to service SMTP from IP address 127.0.0.1
> >> rejected."
> >>
> >> My question is this;
> >>
> >> Is someone attempting some form of exploit via https on my
> >> mail server?
> >> How did this person go past shorewall? Has anyone any idea
> >> what is going
> >> on?
> >>
> >> Are there other ways of testing that ProxyARP and shorewall
> >> are working
> >> as designed?
> >>
> >> Thanks for your assistance.
> >>
> >> Ama
> >> _______________________________________________
> >> Shorewall-users mailing list
> >> Post: Shorewall-users at lists.shorewall.net
> >> Subscribe/Unsubscribe:
> >> https://lists.shorewall.net/mailman/listinfo/shorewall-users
> >> Support: http://www.shorewall.net/support.htm
> >> FAQ: http://www.shorewall.net/FAQ.htm
> >>
> >
> >_______________________________________________
> >Shorewall-users mailing list
> >Post: Shorewall-users at lists.shorewall.net
> >Subscribe/Unsubscribe:
> >https://lists.shorewall.net/mailman/listinfo/shorewall-users
> >Support: http://www.shorewall.net/support.htm
> >FAQ: http://www.shorewall.net/FAQ.htm
> 
> 



More information about the Shorewall-users mailing list