Hi,
I would like to enable DNS only for the router itself to resolve the smtp server. If I enable input for port TCP/UDP 53 but drop all the rest the dns does not resolve the Ip Adress of the mail server and cannot send the email. Can you help me setting up the firewall rules?
Thanks in advance.
You should be able to just uncheck the “Allow Remote Request”, that what starts it listening. No firewall rule required. Internally Mikrotik doesn’t need port 53 to use DNS.
When Router ask something, the chain is output, not input.
If it were input it means that the DNS would send the response before it is even asked…
Usually output is free, because if the router is infected, the infection can also bypass or remove useless firewall rules…