Re: Help needed on block SMTP
1) I wrote in the first line: "... somethiing as this ...".
2) Me, as you, have the same info about the system in question.
3) I wrote something that can help to solve the problem.
4) If you have the knowledge and the time, put all the posible cases and put
an answer that can cover all posible cases.
Continued in your response:
Dave Ewart writes:
On Wednesday, 18.05.2005 at 11:37 +0200, Samuel Díaz García wrote:
You need something as this in your linux router/firewall box:
iptables -t filter -A INPUT -d $ip_mail_srv -p tcp --dport 25 --syn -j
iptables -t filter -A INPUT -p tcp --dport 25 --syn -j DROP
That doesn't look right. If the mail server is NOT the same system as
the firewall, then nothing will pass on the INPUT chain to the firewall
destined for the mail server.
Do you know where is the smtp server? I don't, I only put 2 options.
#the same in FORWARD chain:
iptables -t filter -A FORWARD -d $ip_mail_srv -p tcp --dport 25 --syn -j
iptables -t filter -A FORWARD -p tcp --dport 25 --syn -j DROP
The first of the above two rules will work partly, but won't allow any SMTP
traffic *from* the mail server back out ...
Well, 2 solutions (or more):
1) delete "--syn"
2) use the tipical "RELATED, ESTABLISHED" rule about.
3) Propose you some solution more.
Please don't CC me on list messages!
Dave Ewart - firstname.lastname@example.org - jabber: email@example.com
All email from me is now digitally signed, key from http://www.sungate.co.uk/
Fingerprint: AEC5 9360 0A35 7F66 66E9 82E4 9E10 6769 CD28 DA92
Samuel Díaz García
ArcosCom Wireless, S.L.L.
móvil: 651 93 72 48
tlfn.: 956 70 13 15
fax: 956 70 34 83