Problem with incoming e-mails because of firewall

mr.robot

Hi, I am setting up my iptables and have the following problem. Since I block the incoming ports and unblock them individually, and have left the outgoing ports completely open, the e-mails go out but do not come in!

I found no port that makes the e-mail traffic normal again. If I allow everything in the firewall, then I do not have this problem!

My goal is: several IPs are available, and I would like to open only ports 80 and 443 for the websites.

My iptables rules are:

Code:
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT

iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
iptables -A OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT

iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP

iptables -A INPUT -i lo -j ACCEPT

iptables -A INPUT -p tcp -m tcp -m multiport -d IP6 --dports 21,22,25,111,465,993,995,2096,2083,2087 -j ACCEPT
iptables -A INPUT -p udp -m udp -m multiport -d all --dports 67,111,845 -j ACCEPT

#TCP Special
iptables -A INPUT -p tcp -m tcp -m multiport -d IP1 --dports 80,443 -j ACCEPT
iptables -A INPUT -p tcp -m tcp -m multiport -d IP2 --dports 80,443 -j ACCEPT
iptables -A INPUT -p tcp -m tcp -m multiport -d IP3 --dports 80,443 -j ACCEPT
iptables -A INPUT -p tcp -m tcp -m multiport -d IP4 --dports 80,443 -j ACCEPT
iptables -A INPUT -p tcp -m tcp -m multiport -d IP5 --dports 80,443 -j ACCEPT
iptables -A INPUT -p tcp -m tcp -m multiport -d IP7 --dports 80,443 -j ACCEPT
iptables -A INPUT -p tcp -m tcp -m multiport -d IP8 --dports 80,443 -j ACCEPT

#UDP
iptables -A INPUT -p udp -m udp -m multiport --src 127.0.0.1 --dports 53,323 --jump ACCEPT
iptables --append INPUT --match udp --protocol udp --src 192.168.122.1 --sport 53 --jump ACCEPT
iptables -A INPUT -p udp -m udp -m multiport --dports 67,111,845 --jump ACCEPT
#
iptables --append INPUT --match udp --protocol udp --src IP1 --sport 53 --jump ACCEPT
iptables --append INPUT --match udp --protocol udp --src IP2 --sport 53 --jump ACCEPT
iptables --append INPUT --match udp --protocol udp --src IP3 --sport 53 --jump ACCEPT
iptables --append INPUT --match udp --protocol udp --src IP4 --sport 53 --jump ACCEPT
iptables --append INPUT --match udp --protocol udp --src IP5 --sport 53 --jump ACCEPT
iptables --append INPUT --match udp --protocol udp --src IP6 --sport 53 --jump ACCEPT
iptables --append INPUT --match udp --protocol udp --src IP7 --sport 53 --jump ACCEPT
iptables --append INPUT --match udp --protocol udp --src IP8 --sport 53 --jump ACCEPT

#TCP
iptables -A INPUT -p tcp -m tcp -m multiport --src 127.0.0.1 --dports 53,783,953 --jump ACCEPT
iptables --append INPUT --match tcp --protocol tcp --src 192.168.122.1 --sport 53 --jump ACCEPT
#
iptables --append INPUT --match tcp --protocol tcp --src IP1 --sport 53 --jump ACCEPT
iptables --append INPUT --match tcp --protocol tcp --src IP2 --sport 53 --jump ACCEPT
iptables --append INPUT --match tcp --protocol tcp --src IP3 --sport 53 --jump ACCEPT
iptables --append INPUT --match tcp --protocol tcp --src IP4 --sport 53 --jump ACCEPT
iptables --append INPUT --match tcp --protocol tcp --src IP5 --sport 53 --jump ACCEPT
iptables --append INPUT --match tcp --protocol tcp --src IP6 --sport 53 --jump ACCEPT
iptables --append INPUT --match tcp --protocol tcp --src IP7 --sport 53 --jump ACCEPT
iptables --append INPUT --match tcp --protocol tcp --src IP8 --sport 53 --jump ACCEPT

service iptables save
service iptables restart
Thanks for reading
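An added example, not part of the original post: a small audit that reads a ruleset like the one above and lists, per local address, which standard mail ports no unrestricted ACCEPT rule opens. It assumes IP1 and IP6 are placeholders for the server's own addresses, that the INPUT policy is DROP as in the post, and the names `parse_rule`, `mail_gaps` and `SAMPLE` are hypothetical.

```python
import shlex

# Well-known mail ports (IANA service names).
MAIL_PORTS = {25: "smtp", 110: "pop3", 143: "imap", 465: "smtps",
              587: "submission", 993: "imaps", 995: "pop3s"}
ALIASES = {"--append": "-A", "--protocol": "-p", "--jump": "-j", "--dst": "-d",
           "--destination": "-d", "--dport": "--dports", "--src": "-s",
           "--source": "-s", "--sport": "--sports", "--in-interface": "-i"}
# A rule carrying one of these only matches specific peers, interfaces or
# connection states, so it does not open a port to arbitrary remote hosts.
NARROWING = {"-s", "--sports", "-i", "--state"}

def parse_rule(line):
    """Return (dest, ports) for an unrestricted TCP INPUT ACCEPT rule, else None.
    Negation ('!') and symbolic port names are not handled."""
    tokens = [ALIASES.get(t, t) for t in shlex.split(line, comments=True)]
    if not tokens or tokens[0] != "iptables":
        return None
    opts = {t: tokens[i + 1] for i, t in enumerate(tokens[:-1]) if t.startswith("-")}
    if (opts.get("-A") != "INPUT" or opts.get("-p") != "tcp"
            or opts.get("-j") != "ACCEPT" or "--dports" not in opts
            or NARROWING & opts.keys()):
        return None
    ports = set()
    for part in opts["--dports"].split(","):
        lo, _, hi = part.partition(":")          # "a:b" is a port range
        ports.update(range(int(lo), int(hi or lo) + 1))
    return opts.get("-d", "any"), ports

def mail_gaps(ruleset, addresses):
    """Map each local address to the mail ports that no ACCEPT rule opens for
    it. Assumes the INPUT policy is DROP and there are no DROP/REJECT rules."""
    opened = {addr: set() for addr in addresses}
    for dest, ports in filter(None, map(parse_rule, ruleset.splitlines())):
        for addr in addresses:
            if dest in ("any", addr):
                opened[addr] |= ports
    return {a: sorted(set(MAIL_PORTS) - opened[a]) for a in addresses}

# Constructed sample: a subset of the rules from the post, placeholders kept.
SAMPLE = """\
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -P INPUT DROP
iptables -A INPUT -p tcp -m tcp -m multiport -d IP6 --dports 21,22,25,111,465,993,995,2096,2083,2087 -j ACCEPT
#TCP Special
iptables -A INPUT -p tcp -m tcp -m multiport -d IP1 --dports 80,443 -j ACCEPT
iptables --append INPUT --match tcp --protocol tcp --src IP1 --sport 53 --jump ACCEPT
"""

if __name__ == "__main__":
    for addr, ports in mail_gaps(SAMPLE, ["IP1", "IP6"]).items():
        print(addr, [f"{p}/{MAIL_PORTS[p]}" for p in ports])
```

On the sample, IP6 is the only address with port 25 open, and 110, 143 and 587 are open on neither address.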
 

cPanelMichael
