[oclug] Port Forwarding problem to Exchange Server solved
bill.strosberg at rcpsc.edu
Wed Apr 25 07:17:57 EDT 2001
I may be wrong here, but you should be able to set up an ipchains rule to
REJECT the ident request rather than DENY it. Not offering the service (ie.
blocking it) will result in a DENY, and the server at Bell Nexxia may
require a response to it's inquiry - regardless of whether it returns a
positive result or a REJECT. Setting a REJECT rule will generally fix this
type of problem, and better yet it will not require you to run the identd
and opening another potential security hole.
It's worth a quick try and may be exactly what the doctor ordered.
> Well, I managed to fix my port-forwarding problem with my
> Exchange Server
> not getting mail from Bell Nexxia. Turns out Nexxia requires
> the ident port
> open to the server getting the mail. If it's closed (as it should be),
> nothing will come through. I now have SMTP and ident ports
> forwarded to the
> Exchange Server and mail comes through fine from Nexxia.
> So how does one fix this problem and remain secure?
More information about the OCLUG