Cannot block pop3 traffic [SOLVED]

  • hi all,
    as i'm not intended to use pop3 protocol to check mail on my groupware, so, for security related questions, i'm trying to block tcp traffic from wan area on 110 port via pfsense.
    other similar rules work, but there is no way to block pop3 session from wan.
    someone may explain me why?

    In attach you may see relative config images (nat & rule), lan net is 192.168.101.x, dmz is 192.168.201.x.  As you may see, i also enabled traffic logging, but firewall log does not register any packet block during a pop3 session from wan.
    hope someone may help, tnx, bye, luca.

    pfsense 1.2.2 vm on vmware server 2 with 3 eth card (wan, lan, dmz)
    in dmz i have a groupware vm

  • ok, i found the solution by myself.

    groupware has pop3 (110) and pop3/s (995) enabled, pfsense nats both of the ports to groupware server.

    on my PC I installed avast with virus mail protection.. avast intercepts my pop client request and automatically translates request to groupware 995 port.. so, both of them (telnet to 110 and pop mail client) have success via 995.
    blocking also 995 solved the question. Obviously telnet to 110 fails if you disable antivir mail check..

    tnx anyway, bye, luca.

Log in to reply