[clug] POP and iptables problem
Kim Holburn
kim.holburn at anu.edu.au
Thu Nov 4 08:24:48 GMT 2004
On 2004 Nov 4, , at 2:16 PM, Antti.Roppola at brs.gov.au wrote:
> Hi all,
>
> Last night I graciously volunteered my time to shift
> a community group's web access from dial-up to ADSL.
>
> In went a IPCop based firewall (very nice) and after
> some testing to ensure web and email worked OK, I cut
> the whole office over. Currently HTTP, DNS, POP & SMTP
> are the only ports allowed through. Further testing confirmed
> that web, SMTP and POP3 all worked.
>
> So I get a call this morning. No good deed goes un-punished...
>
> Whilst SMTP and web still work, POP3 from the Windows98
> desktop running Outlook does not. Outlook cannot retrieve
> mail and I get an error code that looks up as:
>
> 0x800 CCC0E FAILED_TO_CONNECT Cannot connect to server.
>
> Now if I telnet to port 110 on the pop server from that Win98
> desktop, I can establish a connection with the POP server and
> get "OK" messages most of the way through authentication (I don't
> have the password and the owner was out). I try (no success)
> adding port 995 (SSL) to the ruleset.
I have found that windows sometimes tries to ping a server before it
tries to connect. If the ping doesn't work it gives up, never trying
the service.
>
> There is a possibility that the password stored in Outlook for
> that POP account is incorrect. The machine had a variety of
> backdoors and trojans (partially?) removed yesterday.
>
> Now, since I can connect to the POP server OK, I am inclined to
> think that the issue has nothing to do with the firewall. Is this
> a reasonable assumption? Or have I missed something important?
>
> Ideas?
>
> Antti
>
> ----------------------------------------------------------------------
> IMPORTANT - This message has been issued by The Department of
> Agriculture, Fisheries and Forestry (DAFF). The information
> transmitted is for the use of the intended recipient only and may
> contain confidential and/or legally privileged material. It is your
> responsibility to check any attachments for viruses and defects before
> opening or sending them on.
> Any reproduction, publication, communication, re-transmission,
> disclosure, dissemination or other use of the information contained in
> this e-mail by persons or entities other than the intended recipient
> is prohibited. The taking of any action in reliance upon this
> information by persons or entities other than the intended recipient
> is prohibited. If you have received this e-mail in error please
> notify the sender and delete all copies of this transmission together
> with any attachments. If you have received this e-mail as part of a
> valid mailing list and no longer want to receive a message such as
> this one advise the sender by return e-mail accordingly. Only e-mail
> correspondence which includes this footer, has been authorised by DAFF
> ----------------------------------------------------------------------
> --
> linux mailing list
> linux at lists.samba.org
> http://lists.samba.org/mailman/listinfo/linux
>
>
--
Kim Holburn
IT Manager, Canberra Research Laboratory
National Information and Communication Technology Australia
Ph: +61 2 61258620 M: +61 417820641
Email: kim.holburn at anu.edu.au - PGP Public Key on request
Cacert Root Cert: http://www.cacert.org/index.php?id=16 ->
http://www.cacert.org/cacert.crt
Aust. Spam Act: To stop receiving mail from me: reply and let me know.
Use ISO 8601 dates [YYYY-MM-DD]
http://www.saqqara.demon.co.uk/datefmt.htm
Democracy imposed from without is the severest form of tyranny.
-- Lloyd Biggle, Jr. Analog, Apr 1961
More information about the linux
mailing list