[Firewall] Block SMTP traffic out

Dennis van der Meer iptables at greenchem-adblue.com
Mon Mar 1 15:12:51 CET 2010


Hi,

 

We are currently having a problem that more and more of our email is being blocked since we are on a spam list. Since we don't spam ourselves (and I am certain of it) I think we have a spam bot running in our network. Unfortunately the network is too large to scan each and every computer for any spam bots so I would like to do something else instead.

We have Outlook clients that connect to an Exchange server. The Exchange server is the only server that will send email out. All email traffic goes through a Linux gateway that runs the Arno iptables firewall script.

So I was thinking of blocking port 25 and logging attempts for every machine but the mail server.

I already tried to set this in the firewall script but somehow it is not working as it should.

 

I tried setting the following already:

                LAN_INET_HOST_OPEN_TCP="ip_of_mail_server>0/0~25"

                LAN_INET_HOST_DENY_TCP="0/0>0/0~25"

 

Can anyone tell me what to set in the config to accomplish what I want?

Dennis
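
The approach described in the message above (allow the mail server, log and drop port 25 from every other LAN host), written as plain iptables rules plus a tally of the resulting log lines per source host. This is an added example, not part of the original post and not the syntax of Arno's iptables firewall script; the addresses, interface name, log prefix and sample log lines are constructed, and it assumes the rules are evaluated before any rule that accepts LAN-to-internet traffic.

```shell
#!/bin/sh
# Added example. All values below are assumed placeholders.
MAIL_SERVER="192.0.2.10"      # assumed address of the Exchange server
LAN_IF="eth1"                 # assumed LAN-facing interface of the gateway
LOG_PREFIX="SMTP-OUT-DENY: "  # assumed tag, used to find the log lines

# Print (do not apply) the forwarding rules. Order matters:
# allow the mail server, log everyone else's attempts, then drop them.
# --syn logs one line per connection attempt instead of one per packet.
smtp_egress_rules() {
    m="-i $LAN_IF -p tcp --dport 25"
    echo "iptables -A FORWARD $m -s $MAIL_SERVER -j ACCEPT"
    echo "iptables -A FORWARD $m --syn -j LOG --log-prefix \"$LOG_PREFIX\""
    echo "iptables -A FORWARD $m -j DROP"
}

# Read kernel log lines on stdin and print "count source_ip" for every
# LAN host that hit the LOG rule, busiest first.
smtp_offenders() {
    grep -F "$LOG_PREFIX" |
    sed -n 's/.* SRC=\([0-9.]*\) .*/\1/p' |
    sort | uniq -c | sort -rn | awk '{print $1, $2}'
}

# Constructed sample of kernel log lines; the last one carries a
# different prefix and must not be counted.
sample_log() {
cat <<'EOF'
Mar  1 15:20:01 gw kernel: SMTP-OUT-DENY: IN=eth1 OUT=eth0 SRC=10.0.0.57 DST=198.51.100.25 PROTO=TCP SPT=1042 DPT=25 SYN URGP=0
Mar  1 15:20:02 gw kernel: SMTP-OUT-DENY: IN=eth1 OUT=eth0 SRC=10.0.0.57 DST=203.0.113.8 PROTO=TCP SPT=1043 DPT=25 SYN URGP=0
Mar  1 15:20:04 gw kernel: SMTP-OUT-DENY: IN=eth1 OUT=eth0 SRC=10.0.0.112 DST=198.51.100.25 PROTO=TCP SPT=2210 DPT=25 SYN URGP=0
Mar  1 15:20:05 gw kernel: SMTP-OUT-DENY: IN=eth1 OUT=eth0 SRC=10.0.0.57 DST=203.0.113.77 PROTO=TCP SPT=1044 DPT=25 SYN URGP=0
Mar  1 15:20:06 gw kernel: OTHER-DROP: IN=eth1 OUT=eth0 SRC=10.0.0.9 DST=198.51.100.30 PROTO=TCP SPT=3001 DPT=445 SYN URGP=0
EOF
}

smtp_egress_rules
sample_log | smtp_offenders
```

On a live gateway the same tally can be fed from the kernel log instead of `sample_log`; hosts at the top of the list are the ones to inspect first.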

 
