I'm trying to block a particular subnet which is originating a bunch of what I consider SPAM. (I'm puzzled why they don't appear in the RBL's I use, but that's a discussion for another day.)
Since Astaro's Mail Security doesn't appear to provide any way to blacklist based on originating IP address, I am attempting to block them at the packet filter, but my attempts have been unsuccessful.
I have created a network definition definition:
Name: nationwideassociatesinc.com
Type: Network
Interface: >
IPv4 Address: 64.18.137.192
Netmask: /27(255.255.255.224)
and added that to my "Known Offenders" Network Group.
My firewall rule #1 is
Source: Known offenders
Service: Any
Destination: Any
Action: Drop and log
and #2 is
Source: Known offenders
Service: Any
Destination: WAN(Address)
Action: Drop and log
yet these a-holes continue to get through.
I'm running the SMTP proxy in transparent mode, and I guess the problem is somehow related to the sequence of events within ASG. Any ideas or suggestions how to block this traffic?
This thread was automatically locked due to age.
