[Firewall] Block SMTP traffic out
Dennis van der Meer
iptables at greenchem-adblue.com
Mon Mar 1 15:48:05 CET 2010
I found a similar question in the mailing list archives and there it is suggested to use
I have even used
And I am still able to connect to our mail provider host by telnetting to it on port 25.
I also added:
just to log traffic. The only problem with this is that it logs internal traffic going out from the Linux server directly but not the LAN. I have a mail gateway on this server which forwards email to an internal Exchange server and in the logs I see port 25 connects from the Linux gateway to the Exchange server. When I do a telnet on port 25 to our email provider from my desktop I don't see this connection in the log.
Is there any way I can log traffic that is going through NAT?
From: Dennis van der Meer
Sent: Monday, 1 March 2010 15:13
To: 'Arno's IPTABLES firewall script'
Subject: Block SMTP traffic out
We are currently having a problem that more and more of our email is being blocked since we are on a spam list. Since we don't spam ourselves (and I am certain of it) I think we have a spam bot running in our network. Unfortunately the network is too large to scan each and every computer for any spam bots so I would like to do something else instead.
We have Outlook clients that connect to an Exchange server. The Exchange server is the only server that will send email out. All email traffic goes through a Linux gateway that runs the Arno iptables firewall script. So I was thinking of blocking port 25 and logging attempts for every machine but the mail server.
I already tried to set this in the firewall script but somehow it is not working as it should.
I tried setting the following already:
Can anyone tell me what to set in the config to accomplish what I want?
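
Added example, not part of the original message or of Arno's firewall script: connections from LAN hosts that the gateway routes and NATs pass through the netfilter FORWARD chain, while OUTPUT only sees packets generated on the gateway itself, so rules that block and log LAN clients belong in FORWARD. The script prints plain iptables rules that log and drop forwarded port 25 connections from every host except the mail server, then tallies the logged source addresses; the address 192.168.1.10, interface eth1, chain name SMTP_OUT and log prefix are assumptions.

```shell
#!/bin/sh
# Added example: plain iptables, not arno-iptables-firewall configuration.
# Assumed values (constructed): Exchange server 192.168.1.10, LAN interface eth1.

# Print the rules for review; nothing is applied until the output is run as root.
smtp_egress_rules() {
    mail_ip=$1 lan_if=$2
    # Accept only digits/dots and a plain interface name, so the printed
    # commands cannot carry shell metacharacters.
    case $mail_ip in *[!0-9.]*|'') echo "bad mail server address" >&2; return 1 ;; esac
    case $lan_if in *[!A-Za-z0-9._-]*|'') echo "bad interface name" >&2; return 1 ;; esac
    cat <<EOF
iptables -N SMTP_OUT
iptables -A SMTP_OUT -s $mail_ip -j RETURN
iptables -A SMTP_OUT -p tcp --syn -m limit --limit 30/min -j LOG --log-prefix "SMTP-OUT-BLOCKED: "
iptables -A SMTP_OUT -j DROP
iptables -I FORWARD 1 -i $lan_if -p tcp --dport 25 -j SMTP_OUT
EOF
}

# Count logged attempts per LAN source address, busiest first (log lines on stdin).
smtp_offenders() {
    awk '/SMTP-OUT-BLOCKED: / {
             for (i = 1; i <= NF; i++)
                 if ($i ~ /^SRC=/) { sub(/^SRC=/, "", $i); n[$i]++ }
         }
         END { for (ip in n) print n[ip], ip }' | sort -rn
}

# Constructed, abbreviated kernel log lines in the style the LOG target writes.
sample_log() {
    cat <<'EOF'
Mar  1 15:50:01 gw kernel: SMTP-OUT-BLOCKED: IN=eth1 OUT=eth0 SRC=192.168.1.57 DST=203.0.113.25 PROTO=TCP SPT=1042 DPT=25 SYN
Mar  1 15:50:02 gw kernel: SMTP-OUT-BLOCKED: IN=eth1 OUT=eth0 SRC=192.168.1.57 DST=203.0.113.80 PROTO=TCP SPT=1043 DPT=25 SYN
Mar  1 15:50:04 gw kernel: SMTP-OUT-BLOCKED: IN=eth1 OUT=eth0 SRC=192.168.1.23 DST=203.0.113.25 PROTO=TCP SPT=3310 DPT=25 SYN
Mar  1 15:50:05 gw kernel: eth0: link up
Mar  1 15:50:09 gw kernel: SMTP-OUT-BLOCKED: IN=eth1 OUT=eth0 SRC=192.168.1.57 DST=203.0.113.91 PROTO=TCP SPT=1044 DPT=25 SYN
EOF
}

smtp_egress_rules 192.168.1.10 eth1   # review, then pipe to "sh" as root to apply
sample_log | smtp_offenders           # on a real gateway, feed the kernel log instead
```

The mail server's own packets hit the RETURN rule and continue through the normal FORWARD rules, so its outbound delivery is unaffected; a desktop that shows up in the tally is a candidate for the spam bot.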