Re: Sendmail ports
"alex49201" <alex@aeshells.org> wrote in message
news:%7cjh.11425$hI.3632@newssvr11.news.prodigy.ne t...
> I'm hoping it does use 25 to send outgoing as well, then I could
> create a rule to only allow outgoing packets to port 25 IF it is
> coming FROM the local port 25..
>
> Any answer here, or any alternative would be great.. just try to limit
> outgoing mail..
Just limit, on your firewall, port 25 for incoming mail (permit in
port 25) and port 25 for outgoing mail (permit out port 25). Next time,
just think about which service, or protocol, you want to use on the remote
side (or better: server side). The port opened on the local side (or better:
client side) is randomly selected by the TCP/IP stack, with a number higher
than 1024.
For example: the WWW server is listening on port 25, the SMTP server is
listening on port 25 (the IANA assigned port). And you are the client (WWW)
and the mail recipient (or incoming). Your connection to the www server is on
"remote side=80, client side=1025", the connection from the SMTP server to you
is on "remote side=25, client side=1026" and so on.
If you want to configure a stateful firewall, just remember to have it keep
track of the state of the connection (in IPFilter, for example, the "keep
state" keyword) and you will be safe in both directions.
Hope this helps.
Cesare
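
The rules discussed in this thread, written out as an IPFilter ruleset. This is an added example, not part of the original posts; the interface name `fxp0` is an assumption, and other outbound services the mail host relies on (DNS, for instance) would need their own rules.

```conf
# Constructed example for ipf.conf; "fxp0" is an assumed external interface.

# The rule hoped for in the question: outgoing mail allowed only when it
# comes FROM local port 25. It never matches sendmail's outgoing
# connections, because the local (client) port is picked by the TCP/IP
# stack from the range above 1024, so it is left commented out.
# pass out quick on fxp0 proto tcp from any port = 25 to any port = 25

# Incoming mail: a remote host connects from a high port to local port 25.
# "keep state" records the connection so the replies leaving from local
# port 25 are allowed without a separate outbound rule.
pass in quick on fxp0 proto tcp from any to any port = 25 flags S keep state

# Outgoing mail: sendmail connects from a high local port to remote
# port 25. The state entry lets the server's replies back in.
pass out quick on fxp0 proto tcp from any to any port = 25 flags S keep state

# Anything that is not port 25 traffic or part of a tracked connection
# is dropped in both directions.
block in on fxp0 all
block out on fxp0 all
```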