
Re: iptables; some IPs are getting through netmasks



On Sun, Dec 23, 2012 at 05:10:45AM -0800, Mark Ford wrote:

> I am hoping someone can help show me where I'm going wrong.
> I have iptables set up in the following way; basically, I am
> using the chain "pests" to drop data from certain IPs.
> 
> 
> Chain INPUT (policy ACCEPT)
> target     prot opt source               destination
> pests      tcp  --  0.0.0.0/0            0.0.0.0/0
> 
> Chain FORWARD (policy ACCEPT)
> target     prot opt source               destination
> 
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination
> 
> Chain pests (1 references)
> target     prot opt source               destination
> DROP       tcp  --  1.85.17.0/24         0.0.0.0/0
> DROP       tcp  --  67.228.245.0/24      0.0.0.0/0
> 
> 
> (in reality, the "pests" chain is much larger)
> 
> It seems to work, except I find emails from certain IPs are
> still getting through, and it's always when I have set a /24 netmask.
> 
> For example, in a recent email, the header was...
> 
> Received: from mail10.mydailyflog.com ([67.228.245.121])

Is the above your complete iptables ruleset? Is this ruleset on the mail
server in question, or on a separate box? If on a separate box, is it
acting as a router, are you doing any NAT?

Cheers,
Tom

-- 
Sic transit gloria Monday!

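The questions above can be tightened with a quick check of what the posted ruleset would actually do to the packet in question. The following is an added example, written for this page and not code from either poster: it parses the `iptables -L -n` listing quoted in the thread (embedded as a constructed string), then walks a TCP packet from 67.228.245.121 through INPUT and the `pests` jump the way the filter table does. The destination address 192.0.2.25 is a placeholder from the RFC 5737 documentation range, not an address from the thread. Since 67.228.245.121 is inside 67.228.245.0/24, the listing as shown yields DROP; a message that still arrived from that address therefore did not traverse these rules as listed, which is exactly what the questions about completeness, host placement, routing and NAT are probing.

```python
"""Trace a packet through the iptables listing posted in the thread (added example)."""
import ipaddress
import re

# Constructed sample: the `iptables -L -n` output quoted in the thread, verbatim.
RULESET = """\
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
pests      tcp  --  0.0.0.0/0            0.0.0.0/0

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain pests (1 references)
target     prot opt source               destination
DROP       tcp  --  1.85.17.0/24         0.0.0.0/0
DROP       tcp  --  67.228.245.0/24      0.0.0.0/0
"""

# "Chain INPUT (policy ACCEPT)" for built-in chains, "Chain pests (1 references)" for user chains.
CHAIN_RE = re.compile(r"^Chain (\S+) \((?:policy (\S+)|\d+ references)\)$")

TERMINAL_TARGETS = ("ACCEPT", "DROP", "REJECT")


def parse_ruleset(text):
    """Return {chain: (policy or None, [(target, proto, src_net, dst_net), ...])}.

    Built-in chains carry a policy; user-defined chains have None, which the
    walker treats as "return to the calling chain" when nothing matched.
    """
    chains = {}
    current = None
    for line in text.splitlines():
        line = line.rstrip()
        if not line:
            continue
        m = CHAIN_RE.match(line)
        if m:
            current = m.group(1)
            chains[current] = (m.group(2), [])
            continue
        if line.startswith("target"):
            continue  # column header row
        target, proto, _opt, src, dst = line.split()[:5]
        # strict=False tolerates a listing such as 67.228.245.121/24 (host bits set).
        chains[current][1].append((
            target, proto,
            ipaddress.ip_network(src, strict=False),
            ipaddress.ip_network(dst, strict=False),
        ))
    return chains


def verdict(chains, chain, proto, src, dst, depth=0):
    """Return the terminal verdict for a packet entering `chain`.

    Matching mirrors the filter table: rules are tried in order, a jump to a
    user-defined chain is followed, and falling off the end of a user chain
    returns to the caller. Only proto/source/destination are modelled, which
    is all the posted listing uses.
    """
    if depth > 16:
        raise RuntimeError("chain nesting too deep")
    policy, rules = chains[chain]
    src_ip = ipaddress.ip_address(src)
    dst_ip = ipaddress.ip_address(dst)
    for target, rproto, rsrc, rdst in rules:
        if rproto not in ("all", proto):
            continue
        if src_ip not in rsrc or dst_ip not in rdst:
            continue
        if target in TERMINAL_TARGETS:
            return target
        if target in chains:  # jump into a user-defined chain
            result = verdict(chains, target, proto, src, dst, depth + 1)
            if result is not None:
                return result
            continue  # chain returned without a verdict: keep walking
        # Non-terminating targets such as LOG fall through to the next rule.
    return policy


if __name__ == "__main__":
    chains = parse_ruleset(RULESET)
    # The header's source address is inside the /24 that the pests chain drops.
    print(ipaddress.ip_address("67.228.245.121") in ipaddress.ip_network("67.228.245.0/24"))
    for chain, proto in (("INPUT", "tcp"), ("INPUT", "udp"), ("FORWARD", "tcp")):
        print(chain, proto, verdict(chains, chain, proto, "67.228.245.121", "192.0.2.25"))
```

Two things stand out when the trace is read against the thread. First, the rule only lives in INPUT, so a box that forwards or NATs traffic for the mail server never consults `pests` for that traffic (FORWARD is empty with policy ACCEPT). Second, a `-L -n` listing hides hit counts; `iptables -L -n -v` shows the pkts/bytes counters per rule, and `iptables-save` dumps every table including nat, which is the quickest way to answer the "is this complete, and is there NAT" questions from the listing itself rather than by inspection.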

