
Don't want nets like 210.0.0.0/8 to reach SMTPprox

One of my customers has been under an SMTP dictionary attack (up to 3000 connections/sec). I want to filter out certain nets like 210.0.0.0/8. SMTP proxy seems to ignore packet filter rules. Any hints?

/Walter


  • Automatically generated packet filter rules have precedence over user-defined packet filter rules. This is the reason why you cannot block port 25 manually.
    There is also another trick which can be used without touching the console. It's a little bit dirty but should work.
    Define the net you would like to block. Then make a DNAT which forwards all traffic coming from the defined network, destined for the external interface of ASL, to a server which blocks port 25 (or just use a non-existing destination).

    Xeno
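
The reasoning in the reply above, as an added example that is not part of the original thread and is not ASL's own rule engine: a simplified model of why a user DROP rule behind the auto-generated proxy rule never matches, and why a DNAT applied before filtering keeps the blocked net away from the proxy. First-match rule evaluation, DNAT-before-filter ordering, and the addresses `192.0.2.1` (external interface) and `192.0.2.254` (sink) are assumptions made for illustration.

```python
import ipaddress

# Constructed sample values. Only 210.0.0.0/8 comes from the thread; the other
# addresses are documentation ranges standing in for the real ones.
BLOCKED_NET = ipaddress.ip_network("210.0.0.0/8")
EXTERNAL_IP = ipaddress.ip_address("192.0.2.1")    # assumed external interface
SINK_IP = ipaddress.ip_address("192.0.2.254")      # assumed non-existing target

# Filter rules, first match wins: (source net, destination port, action).
# The auto-generated proxy rule sits ahead of anything the admin adds.
FILTER_RULES = [
    (ipaddress.ip_network("0.0.0.0/0"), 25, "ACCEPT (auto: SMTP proxy)"),
    (BLOCKED_NET, 25, "DROP (user rule)"),          # never reached for port 25
]

# DNAT rules: (source net, original destination, new destination).
DNAT_RULES = [(BLOCKED_NET, EXTERNAL_IP, SINK_IP)]


def apply_dnat(src, dst, dnat_rules):
    """Rewrite the destination if a DNAT rule matches, else return it unchanged."""
    for net, orig_dst, new_dst in dnat_rules:
        if src in net and dst == orig_dst:
            return new_dst
    return dst


def verdict(src, dst, port, dnat_rules=()):
    """Return what happens to one connection attempt in this model."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    dst = apply_dnat(src, dst, dnat_rules)          # assumed to run before filtering
    if dst != EXTERNAL_IP:
        # No longer addressed to the firewall itself, so the proxy never sees it.
        return f"diverted to {dst}"
    for net, rule_port, action in FILTER_RULES:
        if src in net and port == rule_port:
            return action
    return "DROP (default)"


if __name__ == "__main__":
    print(verdict("210.1.2.3", "192.0.2.1", 25))               # user DROP shadowed
    print(verdict("210.1.2.3", "192.0.2.1", 25, DNAT_RULES))   # blocked net diverted
    print(verdict("198.51.100.7", "192.0.2.1", 25, DNAT_RULES))  # other senders unaffected
```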