sending mail with attachments always fails (FreeBSD/pf)
olli hauer
ohauer at gmx.de
Sat Nov 21 19:25:21 UTC 2009
Victor Lyapunov wrote:
> Thanks for your answer, olli.
>
> As i send mail not from my freebsd server, but rather from the clients
> on the local network, so here's what i did:
>
> my pf.conf:
> set loginterface pflog0
> set block-policy drop
> set skip on lo0
> block drop log on em0 all
> pass log inet proto tcp from 192.168.0.0/24 to any port {smtp, pop3,
> imap, smtps, pop3s} flags S/SA keep state
> pass log proto udp from any to any port = domain keep state
>
>
> # tcpdump -net -i pflog0
> Now i went to a windows computer and tried to send an email with
> attachment to gmail.com (sending failed at 2%)
>
> here's what i got in my pflog:
>
> rule 4/0(match): pass in on em0: (tos 0x0, ttl 128, id 19860, offset
> 0, flags [DF], proto TCP (6), length 48) 192.168.0.5.1822 >
> 209.85.129.111.465: [|tcp]
> rule 4/0(match): pass out on em0: (tos 0x0, ttl 127, id 19860, offset
> 0, flags [DF], proto TCP (6), length 48) 192.168.0.5.1822 >
> 209.85.129.111.465: tcp 28 [bad hdr length 0 - too short, < 20]
why is the [DF] bit set?
can you try with the following pf option
scrub all no-df
More information about the freebsd-pf
mailing list