This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Firewall Doesn't Block Email?

So I have a drop rule in the #1 spot - if anything comes from/to an IP address range - I don't care what type of connection it is - I want it to drop.

For some reason I'm still getting emails from those IP address ranges - how can I truly stop the connection from even happening?

See my setup as shown in the images...

This thread was automatically locked due to age.

0 zaphod over 10 years ago

hi,

you run the smtp-proxy... so mails are processed by the smtp-daemon and will be processed and did not come to the firewall-process..

You can try host/network blacklist under SMTP/Relaying but i think this will not work as expected.

Create a DNAT-Rule which DNATs the "Hackers" List to an IP-Adress which is not existent in your LAN.. then create an firewall-rule which drops that traffic.

greets

zaphod
___________________________________________

Home: Zotac CI321 (8GB RAM / 120GB SSD) with latest Sophos UTM
Work: 2 SG430 Cluster / many other models like SG105/SG115/SG135/SG135w/...
Cancel
Vote Up 0 Vote Down

Cancel
0 M.Rottler over 10 years ago

Hackers? Aren't those real linked.in mails?

the new sophos board sucks... :-( please give us the old one back.
Cancel
Vote Up 0 Vote Down

Cancel
0 TheDrew over 10 years ago

Morning zburns,

The reason that the SMTP proxy is catching the emails is because there's an order of precedence to what parts of the system see traffic first.

BAlfson's Rule #2 ( rulz ) explains this in more detail but basically proxies trump firewall rules.
Cancel
Vote Up 0 Vote Down

Cancel