DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
Draytek 2820 - Only allow single subnet inbound SMTP access
09 Nov 2009 19:54 #58739
by gavm99
Draytek 2820 - Only allow single subnet inbound SMTP access was created by gavm99
Hi all,
I have a Draytek 2820 and I want to allow only the SMTP server of my spam filtering provider inbound access to my server.
I have set up SMTP in Open Ports and I have created several filter rules. The rules deny all SMTP traffic and then the other rule allows just the IP address of my spam filtering providers.
However, even with this setup, my SMTP still shows as visible when using GRC Shields Up.
Any ideas what I have done wrong?
Thanks.
09 Nov 2009 23:14 #58744
by macavity
Replied by macavity on topic Blocking SMTP
In order of likelihood:
1. Are the rules in the default data filter (set 2)? If not, make sure that set 2 is configured to pass to the set you're using by configuring "Next Filter Set".
2. For inbound SMTP connections, make sure that the source and destination ports are "TCP, Port: from any to 25"
A common mistake is to put 'from 25 to 25' but the connection doesn't actually come from 25.
3. Is the direction for the filter rules set to WAN-LAN?
4. Are the filter rules enabled? (Ok, you've checked this but it's worth mentioning)
5. Is the Data Filter enabled in "Firewall"-"General Setup" (it is by default) and set to set #2?
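An added illustration of point 2 above (not part of macavity's post and not DrayTek's filter engine): a simplified first-match filter showing why rules written "from 25 to 25" never match an inbound SMTP connection and so leave the forwarded port reachable. The rule model, the default-pass behaviour for unmatched traffic, and the documentation-range addresses are assumptions.

```python
# Simplified first-match packet filter: an illustrative model, not DrayTek firmware logic.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Rule:
    name: str
    action: str        # "pass" or "block"
    src_net: str       # source network in CIDR form
    src_ports: tuple   # inclusive (low, high) source port range
    dst_ports: tuple   # inclusive (low, high) destination port range

    def matches(self, src_ip, src_port, dst_port):
        return (ip_address(src_ip) in ip_network(self.src_net)
                and self.src_ports[0] <= src_port <= self.src_ports[1]
                and self.dst_ports[0] <= dst_port <= self.dst_ports[1])

def evaluate(rules, src_ip, src_port, dst_port, default="pass"):
    """Return (action, rule name) for the first matching rule, else the default."""
    for rule in rules:
        if rule.matches(src_ip, src_port, dst_port):
            return rule.action, rule.name
    return default, "default"   # assumption: unmatched traffic is passed

# Constructed values; addresses come from documentation ranges (RFC 5737).
ANY_PORT = (1, 65535)
PROVIDER_NET = "192.0.2.0/28"   # hypothetical spam-filter provider subnet
PROVIDER_HOST = "192.0.2.5"
SCANNER_HOST = "203.0.113.77"   # hypothetical external port-scanning service
EPHEMERAL = 51514               # clients connect from a high ephemeral port

# Mistake: source port pinned to 25, so no real connection ever matches.
WRONG = [
    Rule("allow-provider", "pass", PROVIDER_NET, (25, 25), (25, 25)),
    Rule("block-smtp", "block", "0.0.0.0/0", (25, 25), (25, 25)),
]
# Intended: source port any, destination port 25.
RIGHT = [
    Rule("allow-provider", "pass", PROVIDER_NET, ANY_PORT, (25, 25)),
    Rule("block-smtp", "block", "0.0.0.0/0", ANY_PORT, (25, 25)),
]

def verdicts(rules):
    """Verdict for the provider and for an outside scanner connecting to TCP 25."""
    return {who: evaluate(rules, ip, EPHEMERAL, 25)
            for who, ip in (("provider", PROVIDER_HOST), ("scanner", SCANNER_HOST))}

if __name__ == "__main__":
    print({label: verdicts(r) for label, r in (("from 25 to 25", WRONG), ("from any to 25", RIGHT))})
```

With the "from 25 to 25" rules both connections fall through to the default, which matches the symptom of port 25 still showing as visible from outside.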
10 Nov 2009 12:15 #58749
by njh
2900Gi/v2.5.6; 2900/v2.5.6
Replied by njh on topic Draytek 2820 - Only allow single subnet inbound SMTP access
Surely port 25 will show up as open to the outside world, but it will only pass traffic from your spam filtering provider?
10 Nov 2009 14:11 #58753
by macavity
Replied by macavity on topic Draytek 2820 - Only allow single subnet inbound SMTP access
If there are firewall rules blocking traffic then a scan from any address that's not passed would show as stealthed or closed (depending on how the scanning tool refers to no response).