From owner-freebsd-questions@FreeBSD.ORG Mon Feb 27 16:45:35 2012 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 45704106564A for ; Mon, 27 Feb 2012 16:45:35 +0000 (UTC) (envelope-from chris_bender@cellularatsea.com) Received: from wireless.icgws.com (wireless.icgws.com [198.211.94.23]) by mx1.freebsd.org (Postfix) with ESMTP id 092EC8FC15 for ; Mon, 27 Feb 2012 16:45:34 +0000 (UTC) Received: by wireless.icgws.com (Postfix, from userid 1003) id EDCEF180DE3; Mon, 27 Feb 2012 11:44:36 -0500 (EST) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on wireless.icgws.com X-Spam-Level: X-Spam-Status: No, score=-2.9 required=3.5 tests=ALL_TRUSTED,BAYES_00 autolearn=ham version=3.3.1 Received: from wmstp.corp.cellularatsea.com (unknown [10.200.250.42]) by wireless.icgws.com (Postfix) with SMTP id BAC74180D7E; Mon, 27 Feb 2012 11:44:35 -0500 (EST) Received: from wmstp.corp.wms.cellularatsea.com (localhost [127.0.0.1]) by wmstp.corp.cellularatsea.com (Postfix) with SMTP id E74EDB18E84; Mon, 27 Feb 2012 11:45:32 -0500 (EST) Received: from wmsexg01.corp.cellularatsea.com ([10.200.104.15] helo=wmsexg01.corp.cellularatsea.com) by wmstp.corp.wms.cellularatsea.com with SMTP (ASSP 1.9.1.1); 27 Feb 2012 11:45:32 -0500 X-Ninja-PIM: Scanned by Ninja X-MimeOLE: Produced By Microsoft Exchange V6.5 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Content-class: urn:content-classes:message x-vipre-scanned: 1014126B002D4D101413B8 Date: Mon, 27 Feb 2012 11:45:31 -0500 Message-ID: In-Reply-To: <4F4BB19A.8040005@radel.com> Thread-Topic: Email issues, relay failure Thread-Index: Acz1bl2zv6wT9KJhRJ2mRT7nxHRm5QAAFWWQ References: <863259E16B6C464DAD1E9DD10BB31154059CFBAE@wmsexg01.corp.cellularatsea.com> <4F48BAF6.9070204@ifdnrg.com> <863259E16B6C464DAD1E9DD10BB31154059CFBE7@wmsexg01.corp.cellularatsea.com> <4F48EC21.7040805@ifdnrg.com> <863259E16B6C464DAD1E9DD10BB31154059CFBEE@wmsexg01.corp.cellularatsea.com> <4F48F45F.4080304@ifdnrg.com> <863259E16B6C464DAD1E9DD10BB31154059CFBF4@wmsexg01.corp.cellularatsea.com> <4F492262.5090505@radel.com> <7409DAB4-F76A-493B-9A50-A663E6F6802E@cellularatsea.com> <4F4BB19A.8040005@radel.com> From: "Bender, Chris" To: "Jon Radel" X-Assp-Whitelisted: Yes () X-Assp-Envelope-From: chris_bender@cellularatsea.com X-Assp-Intended-For: jon@radel.com X-Assp-Passing: 10.200.104.15 in acceptAllMail X-Assp-ID: wmstp.corp.wms.cellularatsea.com (33036-51431) X-Assp-Version: 1.9.1.1(1.0.00) Cc: freebsd-questions@freebsd.org Subject: RE: Email issues, relay failure X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Feb 2012 16:45:35 -0000 Yes after a few minutes the email in question begins to flow. AT some point in the past some of the postfix boxes behind the firewall Where turned off. This caused the fw, I believe to think it was being Attacked because it had nowhere to push the smtp traffic. I believe that is why on several IPs I see TIME_WAITING for the connections. I was thinking about just reloading the pf.conf but I have never worked with pf so=20 I am worried other things might break. My thought was by doing that the=20 Adaptive part of the pfctl would be restarted? Does that make sense would reloading the rules wash the adaptive behavior away or Would all that still be in some sort of bruteforce file to protect the firewall? Thanks -----Original Message----- From: Jon Radel [mailto:jon@radel.com]=20 Sent: Monday, February 27, 2012 11:39 AM To: Bender, Chris; freebsd-questions@freebsd.org Subject: Re: Email issues, relay failure On 2/25/12 1:39 PM, Bender, Chris wrote: > Thanks. There aren't any firewalls between the devices but they are far apart. On 2/27/12 11:12 AM, Bender, Chris wrote: > Can anybody assist me with pfctl on freebsd? > I have pfctl running as adaptive. It is blocking some smtp mail. !!!!! BTW, pfctl is the program for controlling the firewall. The actual=20 firewall is generally referred to as pf. So if you just turn PF off for a bit, does e-mail suddenly flow? --=20 --Jon Radel jon@radel.com