1 (edited by maxwellsmart 2021-01-20 01:39:01)

Topic: firewall entries in /var/log/messages

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release):
- Deployed with iRedMail Easy or the downloadable installer?
- Linux/BSD distribution name and version:
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):
- Web server (Apache or Nginx):
- Manage mail accounts with iRedAdmin-Pro?
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

0.9.8 MARIADB edition.
downloadable installer
CentOS 7
MySQL
Nginx

I'm getting a lot of these messages in my logs.  It appears they are related to SpamAssassin/Razor but I cannot find what port to open or how to stop them.

Jan 19 09:26:02 my_server kernel: Firewall: *TCP_OUT Blocked* IN= OUT=em1 SRC=Server_IP DST=208.83.137.118 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=17807 DF PROTO=TCP SPT=44788 DPT=2703 WINDOW=29200 RES=0x00 SYN URGP=0 UID=990 GID=987
Jan 19 09:26:03 my_server kernel: Firewall: *TCP_OUT Blocked* IN= OUT=em1 SRC=Server_IP DST=208.83.137.118 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=17808 DF PROTO=TCP SPT=44788 DPT=2703 WINDOW=29200 RES=0x00 SYN URGP=0 UID=990 GID=987
Jan 19 09:26:03 my_server kernel: Firewall: *TCP_OUT Blocked* IN= OUT=em1 SRC=Server_IP DST=208.83.137.117 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=36107 DF PROTO=TCP SPT=60382 DPT=2703 WINDOW=29200 RES=0x00 SYN URGP=0 UID=990 GID=987
Jan 19 09:26:04 my_server kernel: Firewall: *TCP_OUT Blocked* IN= OUT=em1 SRC=Server_IP DST=208.83.137.117 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=36108 DF PROTO=TCP SPT=60382 DPT=2703 WINDOW=29200 RES=0x00 SYN URGP=0 UID=990 GID=987


2

Re: firewall entries in /var/log/messages

I figured this out.  Outgoing port 2703 for amavisd needs to be open.
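
An added example, not part of the original posts: a Python script that groups blocked-packet kernel log lines like the ones quoted above by chain, protocol, destination port and UID, so the blocked service (here TCP port 2703, UID 990) stands out from the noise. The function names are hypothetical; the first four sample lines are copied from the post and the fifth is constructed.

```python
import re
from collections import defaultdict

# First four lines are copied from the post; the sshd line is constructed noise.
SAMPLE_LOG = """\
Jan 19 09:26:02 my_server kernel: Firewall: *TCP_OUT Blocked* IN= OUT=em1 SRC=Server_IP DST=208.83.137.118 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=17807 DF PROTO=TCP SPT=44788 DPT=2703 WINDOW=29200 RES=0x00 SYN URGP=0 UID=990 GID=987
Jan 19 09:26:03 my_server kernel: Firewall: *TCP_OUT Blocked* IN= OUT=em1 SRC=Server_IP DST=208.83.137.118 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=17808 DF PROTO=TCP SPT=44788 DPT=2703 WINDOW=29200 RES=0x00 SYN URGP=0 UID=990 GID=987
Jan 19 09:26:03 my_server kernel: Firewall: *TCP_OUT Blocked* IN= OUT=em1 SRC=Server_IP DST=208.83.137.117 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=36107 DF PROTO=TCP SPT=60382 DPT=2703 WINDOW=29200 RES=0x00 SYN URGP=0 UID=990 GID=987
Jan 19 09:26:04 my_server kernel: Firewall: *TCP_OUT Blocked* IN= OUT=em1 SRC=Server_IP DST=208.83.137.117 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=36108 DF PROTO=TCP SPT=60382 DPT=2703 WINDOW=29200 RES=0x00 SYN URGP=0 UID=990 GID=987
Jan 19 09:26:05 my_server sshd[1234]: Accepted publickey for admin from 192.0.2.10 port 50000 ssh2
"""

BLOCK_RE = re.compile(r"kernel: Firewall: \*(\w+) Blocked\* (.*)$")
FIELD_RE = re.compile(r"(\w+)=(\S*)")  # KEY=value pairs; bare flags (DF, SYN) are skipped


def parse_blocked(line):
    """Return the KEY=value fields of one blocked-packet line, or None."""
    m = BLOCK_RE.search(line)
    if m is None:
        return None
    fields = dict(FIELD_RE.findall(m.group(2)))
    fields["CHAIN"] = m.group(1)
    return fields


def summarize(log_text):
    """Group blocked packets by (chain, proto, dst port, uid)."""
    groups = defaultdict(lambda: {"lines": 0, "attempts": set(), "dsts": set()})
    for line in log_text.splitlines():
        f = parse_blocked(line)
        if f is None or "DPT" not in f:  # unrelated line, or no port (e.g. ICMP)
            continue
        g = groups[(f["CHAIN"], f.get("PROTO", "-"), int(f["DPT"]), f.get("UID", "-"))]
        g["lines"] += 1
        # A retransmitted SYN reuses the source port, so count DST+SPT pairs once.
        g["attempts"].add((f.get("DST"), f.get("SPT")))
        g["dsts"].add(f.get("DST", "-"))
    return {k: {"lines": v["lines"], "attempts": len(v["attempts"]),
                "dsts": sorted(v["dsts"])} for k, v in groups.items()}


if __name__ == "__main__":
    for (chain, proto, dport, uid), s in summarize(SAMPLE_LOG).items():
        print(f"{chain} {proto}/{dport} uid={uid}: {s['lines']} lines, "
              f"{s['attempts']} attempts -> {', '.join(s['dsts'])}")
```

The UID in each group can be mapped to a local account with `getent passwd <uid>` to confirm which service is making the blocked connections before opening the port.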