I completed the howto on virtual domains/user with postfix,courier,MySQL and have been testing for a while. I then wanted to add a firewall so I followed the howto http://www.howtoforge.com/linux_iptables_sarge by themachine. I used the following lines for my iptables configuration: # iptables -A INPUT -s 192.168.1.10 -d 10.1.15.1 -p tcp --dport 22 -j ACCEPT # iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT # iptables -A FORWARD -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT # iptables -A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT # iptables -A INPUT -d 10.1.15.1 -p tcp --dport 25 -j ACCEPT # iptables -A INPUT -d 10.1.15.1 -p tcp --dport 143 -j ACCEPT # iptables -A INPUT -d 10.1.15.1 -p tcp --dport 110 -j ACCEPT # iptables -A INPUT -d 10.1.15.1 -s 127.0.0.1 -j ACCEPT # iptables -A INPUT -j REJECT # iptables -A FORWARD -j REJECT After saving this configuration, the mail stopped coming through. I was able to trace the mail logs and see that postfix was not able to connect to MySQL. I was getting errors saying: Jan 24 18:18:58 cronos postfix/proxymap[2458]: warning: connect to mysql server 127.0.0.1: Can't connect to MySQL server on '127.0.0.1' (111) Etc.. So I ran this command: # iptables -I INPUT 5 -d 127.0.0.1 -s 127.0.0.1 -j ACCEPT This fixed the problem but I am just wanted to make sure this was the correct thing to do or if there is a better way to do this. I am a n00b so I just wanted to make sure that I am not doing anything wrong that will compromise the system. Thanks in advance for your help and thanks to all of those who work on this site. It has definitely been a great help to me.
I guess you mean Code: iptables -I INPUT -d 127.0.0.1 -s 127.0.0.1 -j ACCEPT ? It's ok, because it's only for connection within your server, not from the outside world.
