SMTP AND POP rules for Kerio PFW4


yogishree
January 16th, 2005, 02:10 AM
I have ME OS installed on my computer along with
a) Kerio PFW4
b) DNSKong
c) Proxomitron
d) Dexter

Rules have been imported from Sponge at Geocities.
These are working excellently except that they do not say anything about configuring my Mozilla Thunderbird recently installed by me.
I have obtained names of SMTP & POP servers of my ISP but am not able to set them up in the ruleset.
I am a newbie. Can anyone out there help?
Thanks in advance.

CrazyM
January 16th, 2005, 03:14 AM
Hi yogishree

... and welcome to Wilders :)

-{ Quote: "I have obtained names of SMTP & POP servers of my ISP but not able to set them up in the ruleset." }-
You will need to permit your mail client outbound access to remote port 25 (SMTP) and remote port 110 (POP3). You could also restrict these rules to your ISP's servers.

Protocol: TCP
Action: Permit
Direction: Outbound
Application: (Your Email Client)
Remote Port: 25
Remote Address: xxx.xxx.xxx.xxx

Protocol: TCP
Action: Permit
Direction: Outbound
Application: (Your Email Client)
Remote Port: 110
Remote Address: xxx.xxx.xxx.xxx

Regards,

CrazyM

yogishree
January 16th, 2005, 04:03 AM
Thanks CrazyM for the very quick response.

Could you tell me as to where exactly are these rules to be placed since I understand this could be important. First few rules of my FW restrict DHCP to the remote DHCP ports of my ISP, allow local host resolution, allow WINS server to 127.0.0.1, permit DNSK to 127.0.0.1, permit DNS to various DNS servers of my ISP and thereafter various rules ending with block all.

While on the subject could you tell me if the WINS server rule is OK. I am asking since, though this was done on the advice of sponge, the rule itself was not present in the rule list imported.

Does anyone know about any other good rule set for KPFW suitable for a reasonably security conscious but regular web surfer?

CrazyM
January 16th, 2005, 04:31 AM
-{ Quote: "Could you tell me as to where exactly are these rules to be placed since I understand this could be important. First few rules of my FW restrict DHCP to the remote DHCP ports of my ISP, allow local host resolution, allow WINS server to 127.0.0.1, permit DNSK to 127.0.0.1, permit DNS to various DNS servers of my ISP and thereafter various rules ending with block all." }-
I have not used/tested the new v4.x Kerio and am not familiar with its advanced rules capabilities or configuration options. Placement is important as rules are usually processed from the top down and once a match is found, no further checking is done.

-{ Quote: "While on the subject could you tell me if the WINS server rule is OK. I am asking since, though this was done on the advice of sponge, the rule itself was not present in the rule list imported." }-
What are the details of the rule?

-{ Quote: "Does anyone know about any other good rule set for KPFW suitable for a reasonably security conscious but regular web surfer." }-
BlitzenZeus Kerio v2.x Default Replacement Rules (http://www.dslreports.com/forum/remark,8023708~mode=flat)
This link is always a good place to start. Be sure to read all of it.

You can also find some other basic guidelines for customizing rules in the Other Firewalls Sticky Posts and Other Useful Links (http://www.wilderssecurity.com/showthread.php?t=24415) post.

Regards,

CrazyM
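
The top-down, first-match processing described in the reply above, shown as an added example (not part of the thread and not Kerio's own rule format). It models the two permit rules from the earlier reply in Python; the `Rule` class, the `thunderbird.exe` application name and the 192.0.2.x server addresses are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Rule:
    name: str
    action: str                       # "permit" or "block"
    protocol: Optional[str] = None    # None means "any"
    direction: Optional[str] = None
    application: Optional[str] = None
    remote_port: Optional[int] = None
    remote_net: Optional[str] = None  # CIDR; None means any address

    def matches(self, pkt: dict) -> bool:
        checks = (
            (self.protocol, pkt["protocol"]),
            (self.direction, pkt["direction"]),
            (self.application, pkt["application"]),
            (self.remote_port, pkt["remote_port"]),
        )
        if any(want is not None and want != got for want, got in checks):
            return False
        return (self.remote_net is None
                or ip_address(pkt["remote_addr"]) in ip_network(self.remote_net))

def evaluate(rules, pkt):
    """Return (action, rule name) of the first matching rule, top down."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action, rule.name
    return "block", "implicit default"

# Constructed values: 192.0.2.0/24 is a documentation range, not a real ISP.
MAIL = "thunderbird.exe"
SMTP = Rule("permit SMTP", "permit", "tcp", "out", MAIL, 25, "192.0.2.25/32")
POP3 = Rule("permit POP3", "permit", "tcp", "out", MAIL, 110, "192.0.2.110/32")
BLOCK_ALL = Rule("block all", "block")

def pop3_packet(addr="192.0.2.110"):
    return {"protocol": "tcp", "direction": "out", "application": MAIL,
            "remote_port": 110, "remote_addr": addr}

GOOD_ORDER = [SMTP, POP3, BLOCK_ALL]
BAD_ORDER = [SMTP, BLOCK_ALL, POP3]   # POP3 permit sits below the block rule

if __name__ == "__main__":
    print(evaluate(GOOD_ORDER, pop3_packet()))                 # permitted
    print(evaluate(BAD_ORDER, pop3_packet()))                  # blocked first
    print(evaluate(GOOD_ORDER, pop3_packet("198.51.100.7")))   # wrong server
```

The third call shows the effect of restricting the rule to the ISP's server: the same mail client talking to port 110 on any other address falls through to the block rule.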

yogishree
January 16th, 2005, 06:35 AM
Hi CrazyM,
I always thought that the internet was an impersonal thing and did not know that an individual's problem could be responded to so fast. Simply tremendous.

Back to the issue as below
a) Sponge had only said that it is important to obtain WINS Server details from your ISP and he shall subsequently come to the configuration portion. While DHCP & DNS confs were explained as also included in his rules but WINS was not there. Possibly he forgot.
b) The rule blocking the mail service says: BLOCK ALL DNS(USE WITH PERMIT DNS TO DNS SERVERS X). The X is the DNS server of the ISP - rules relating to which are above this block rule.
After your response, I formed the rules as advised by you and placed them above the offending rule.
c) But sorry the FW continued to block. And to my surprise on opening the FW I found that while the rule regarding SMTP was as placed, POP3 rule has gone below the BLOCK ALL DNS rule.

While I shall certainly follow the links given by you - but I did read somewhere in your forums that KFW 2.x.x was one of the best and do you think that it may be better if I shift to this?

The WINS Server role is not very clear. Just to check up, I disabled it for 5 mins and all sites accessed thereafter were showing violation of the BLOCK ALL DNS rules.

Shall be really glad if you or someone else could clarify.

Kerodo
January 16th, 2005, 06:26 PM
I think that the general consensus on Kerio is that 2.1.5 is more desirable than any of the 4.x.x series. 4.x has many problems and bugs and is more bloated as well. Kerio 2.x is preferred by most.

Also, Sponge's rules are oriented mainly toward preventing spyware and ads and what not. Although you CAN use Kerio for this, it's not what I'd use a firewall for. I'd be primarily interested in normal firewall protection first. The ad/spyware blocking can be done with other programs. Also Sponge's rules were designed for Kerio 2, just as BZ's are, which I would prefer over Sponge's. See this link below for a better rule set for Kerio 2.1.5:

http://www.dslreports.com/forum/remark,8023708~mode=flat

Be sure and read the thread and then download the final rule set near the END of the thread.

Just my 2 cents.. Others may have other ideas... ;)