[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: pf and Microsoft Exchange IMAPS
The next step might be a tcpdump on the external interface
to watch the traffic and see that it's not doing something
suprising on some other port or something.
On 11/16/2005 10:20:01 AM, Raphael GRUNDRICH wrote:
pass in quick on $ext_if \
proto tcp \
from any to 192.168.1.1 port imaps flags S/SA synproxy state
I have seen applications running under Windows 2000 that violate the
2MSL TCP rule, reusing the source ip/port destination ip/port quad too
quickly. OpenBSD blocks this traffic as it sees it as a hijacking
attempt. I worked around it by not using state. (*Ick*)
Not using state might be something to try.
Karl <[email protected]>
Free Software: "You don't pay back, you pay forward."
-- Robert A. Heinlein