Date:      Mon, 27 Feb 2012 12:00:43 -0500
From:      "Bender, Chris" <chris_bender@cellularatsea.com>
To:        "Jon Radel" <jon@radel.com>
Cc:        freebsd-questions@freebsd.org
Subject:   RE: Email issues, relay failure
Message-ID:  <assp.0404d5ea77.863259E16B6C464DAD1E9DD10BB31154059CFDB1@wmsexg01.corp.cellularatsea.com>
In-Reply-To: <4F4BB61A.1060600@radel.com>
References:  <863259E16B6C464DAD1E9DD10BB31154059CFBAE@wmsexg01.corp.cellularatsea.com> <4F48BAF6.9070204@ifdnrg.com>    <863259E16B6C464DAD1E9DD10BB31154059CFBE7@wmsexg01.corp.cellularatsea.com> <4F48EC21.7040805@ifdnrg.com>    <863259E16B6C464DAD1E9DD10BB31154059CFBEE@wmsexg01.corp.cellularatsea.com> <4F48F45F.4080304@ifdnrg.com>    <863259E16B6C464DAD1E9DD10BB31154059CFBF4@wmsexg01.corp.cellularatsea.com> <4F492262.5090505@radel.com>   <7409DAB4-F76A-493B-9A50-A663E6F6802E@cellularatsea.com>   <4F4BB19A.8040005@radel.com>  <863259E16B6C464DAD1E9DD10BB31154059CFDA4@wmsexg01.corp.cellularatsea.com> <4F4BB61A.1060600@radel.com>

How would I whitelist SMTP speakers?

I am thinking it would be ok to reload the rules, would that clear the
issue with SMTP users for now?
What's the harm?
Thanks


-----Original Message-----
From: Jon Radel [mailto:jon@radel.com]
Sent: Monday, February 27, 2012 11:58 AM
To: Bender, Chris
Cc: freebsd-questions@freebsd.org
Subject: Re: Email issues, relay failure

On 2/27/12 11:45 AM, Bender, Chris wrote:

> I was thinking about just reloading the pf.conf but I have never worked
> with pf so
> I am worried other things might break. My thought was by doing that the
> Adaptive part of the pfctl would be restarted?

Any pf.conf file I've ever seen does something sensible after reload.
I suspect one could write something perverse that blows up on restart,
but that would make rebooting the machine problematic....

>
> Does that make sense would reloading the rules wash the adaptive
> behavior away or
> Would all that still be in some sort of bruteforce file to protect the
> firewall?

pf can load data from files when it starts or just manage things in a
fashion that is transient upon restart.  Hard to say what's happening in
your case w/o a clue as to what's in pf.conf.

I'd suggest that you at the very least whitelist internal SMTP speakers
that you expect to get e-mail from on a regular basis, even if you do
throttling of SMTP connections in general.  Much less messy....

-- 
--Jon Radel
jon@radel.com
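
The whitelist-plus-throttle arrangement suggested above, as a pf.conf sketch added here (not taken from either poster's configuration). The interface name, addresses, table names and limits are all constructed assumptions and must be replaced with local values.

```conf
# Constructed example. Interface, addresses, table names and limits
# are assumptions, not values from this thread.

ext_if      = "em0"            # assumed interface facing the SMTP clients
mail_server = "192.0.2.25"     # assumed address of the mail server

# Internal SMTP speakers expected to send mail regularly.
table <smtp_trusted> persist { 10.0.0.10, 10.0.0.11 }

# Filled automatically by the overload clause in the last rule.
table <smtp_abusers> persist

# 1. Trusted senders match first and stop evaluation (quick), so they
#    are never rate limited and never checked against <smtp_abusers>.
pass in quick on $ext_if proto tcp from <smtp_trusted> \
    to $mail_server port smtp flags S/SA keep state

# 2. Sources that previously exceeded the limits are dropped.
block in quick on $ext_if proto tcp from <smtp_abusers> \
    to $mail_server port smtp

# 3. Everyone else may connect, subject to per-source limits. A source
#    that exceeds them is added to <smtp_abusers> and its existing
#    states are flushed.
pass in on $ext_if proto tcp from any \
    to $mail_server port smtp flags S/SA keep state \
    (max-src-conn 10, max-src-conn-rate 5/60, \
     overload <smtp_abusers> flush global)

# Checks to run from a root shell before and after loading:
#   pfctl -nf /etc/pf.conf                       parse only, load nothing
#   pfctl -f /etc/pf.conf                        load the ruleset
#   pfctl -t smtp_abusers -T show                list sources currently blocked
#   pfctl -t smtp_abusers -T delete 10.0.0.10    release one blocked address
```

The parse-only run reports syntax errors without touching the running ruleset, and the table commands show or release blocked sources individually instead of relying on a reload to clear them.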



