SMTP AND POP rules for Kerio PFW4

Discussion in 'other firewalls' started by yogishree, Jan 16, 2005.

Thread Status:
Not open for further replies.
  1. yogishree

    yogishree Registered Member

    Joined:
    Jan 15, 2005
    Posts:
    871
    Location:
    Chhattisgarh-India
    i have ME OS installed on my computer alongwith
    a)Kerio PFW4
    b)DNSKong
    3)Proximitron
    4)Dexter

    Rules have been imported from Sponge at Geocities.
    Thes are working excellently except that they do not say anything about configuring my Mozilla Thunderbird recently installed by me.
    I have obtained names of SMTP & POP servers of my ISP but not able to set them up in the ruleset.
    I am a newbie. Can anyone out there help .
    Thanks in advance.
     
  2. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Hi yogishree

    ... and welcome to Wilders :)

    You will need to permit your mail client outbound access to remote port 25 (SMTP) and remote port 110 (POP3). You could also restrict these rules to your ISP's servers.

    Protocol: TCP
    Action: Permit
    Direction: Outbound
    Application: (Your Email Client)
    Remote Port: 25
    Remote Address: xxx.xxx.xxx.xxx

    Protocol: TCP
    Action: Permit
    Direction: Outbound
    Application: (Your Email Client)
    Remote Port: 110
    Remote Address: xxx.xxx.xxx.xxx

    Regards,

    CrazyM
     
  3. yogishree

    yogishree Registered Member

    Joined:
    Jan 15, 2005
    Posts:
    871
    Location:
    Chhattisgarh-India
    Thanks CrazyM for the very quick response.

    Could you tell me as to where exactly are these rules to be placed since I understand this could be important.First few rules of my FW restrict DHCP to the remote DHCP ports of my ISP,allow local host resolution,allow WINS server to 127.0.0.1, permit DNSK to 127.0.0.1,permit DNS to various DNS servers of my ISP and therafter various rules ending with block all.

    while on the subject could you tell me if the WINS server rule is OK. I am asking since ,though this was done on the advice of sponge,the rule itself
    was not present in the rule list imported .

    Does anyone know about any other good rule set for KPFW suitable for a reasonably security conscious but regular web surfer.
     
  4. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    I have not used/tested the new v4.x Kerio and am not familiar with it's advanced rules capabilities or configuration options. Placement is important as rules are usually processed from the top down and once a match is found, no further checking is done.

    What are the details of the rule?

    BlitzenZeus Kerio v2.x Default Replacement Rules
    This link is always a good place to start. Be sure to read all of it.

    You can also find some other basic guidelines for customizing rules in the Other Firewalls Sticky Posts and Other Useful Links post.

    Regards,

    CrazyM
     
  5. yogishree

    yogishree Registered Member

    Joined:
    Jan 15, 2005
    Posts:
    871
    Location:
    Chhattisgarh-India
    Hi CrazyM,
    I always thought that the internet was an impersonal thing and did not know that an individual's problem could be responded to so fast.Simply tremendous.

    Back to the issue as below
    a) Sponge had only said that it is important to obtain WINS Server details from your ISP and he shall subsequently come to the configuration portion.While DHCP & DNS confs were explained as also included in his rules but WINS was not there.Possibly he forgot.
    b)The rule blocking the mail service says ; BLOCK ALL DNS(USE WITH PERMIT DNS TO DNS SERVERS X). the X is the DNS server of the ISP-rules relating to which are above this block rule .
    After your response,I formed the rules as adviced by you and placed them above the offending rule.
    c)But sorry the FW continued to block.And to my surprise on opening the FW I found that while the rule reg SMTP was as placed , POP3 rule has gone below the BLOCK ALL DNS rule.

    While I shall certainly follow the links given by you - but I did read somewhere in your forums that KFW 2.x.x was one of the best and do you think that it may be better if i shift to this.

    The WINS Server role is not very clear.Just to check up,I disabled it for 5 mins and all sites accessed therafter were showing violation of the BLOCK ALL DNS rules.

    shall be really glad if you or someone else could clarify.
     
    Last edited: Jan 16, 2005
  6. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,779
    I think that the general concensus on Kerio is that 2.1.5 is more desirable than any of the 4.x.x series. 4.x has many problems and bugs and is more bloated as well. Kerio 2.x is preferred by most.

    Also, Sponge's rules are oriented mainly toward preventing spyware and ads and what not. Although you CAN use Kerio for this, it's not what I'd use a firewall for. I'd be primarily interesting in normal firewall protection first. The ad/spyware blocking can be done with other programs. Also Sponge's rules were designed for Kerio 2, just as BZ's are, which I would prefer over Sponge's. See this link below for a better rule set for Kerio 2.1.5:

    http://www.dslreports.com/forum/remark,8023708~mode=flat

    Be sure and read the thread and then download the final rule set near the END of the thread.

    Just my 2 cents.. Others may have other ideas... ;)
     
Thread Status:
Not open for further replies.