[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: pf and Microsoft Exchange IMAPS

The next step might be a tcpdump on the external interface
to watch the traffic and see that it's not doing something
suprising on some other port or something.

On 11/16/2005 10:20:01 AM, Raphael GRUNDRICH wrote:

Errata : pass in quick on $ext_if \ proto tcp \ from any to port imaps flags S/SA synproxy state

I have seen applications running under Windows 2000 that violate the 2MSL TCP rule, reusing the source ip/port destination ip/port quad too quickly. OpenBSD blocks this traffic as it sees it as a hijacking attempt. I worked around it by not using state. (*Ick*) Not using state might be something to try.

Karl <[email protected]>
Free Software:  "You don't pay back, you pay forward."
                 -- Robert A. Heinlein