Go here: https://lists.pfsense.org/mailman/listinfo/list
On 10/9/2014 12:30 PM, Jorge Severino wrote:
unsubscribe
2014-10-09 13:32 GMT-03:00 Aaron C. de Bruyn <aa...@heyaaron.com>:
In most of my client networks, there is an internal exchange
server and an external spam filter / mail gateway.
I use floating rules to allow all SMTP traffic to the spam filter,
and all SMTP traffic to the Exchange servers, then I block all
other SMTP.
Viruses trying to send mail out to various SMTP servers on the net
get blocked (because it's not going through the spam gateway) and
the Exchange server requires authenticated SMTP.
This makes it easy to set things like copiers (which usually have
horridly complex SMTP support with little or no logging other than
"something went wrong") and various Linux/Unix boxes to use our
spam filter as an unauthenticated relay, and viruses using SMTP
can only talk to Exchange or the spam filter. Either way, it's
fairly easy to figure out which host is spewing mail by looking at
the Exchange or Postfix logs. It's also fairly easy to rate-limit
or block hosts that send more than 100 messages in an hour.
Use floating rules to accomplish the task. For example:
* Apply immediately on match, accept tcp/25 from any to exchange ip
* Apply immediately on match, accept tcp/25 from any to spam filter ip
* Apply immediately on match, reject tcp/25 from any to any
-A
On Thu, Oct 9, 2014 at 4:05 AM, Mikey van der Worp <mvdw...@utelisys.com> wrote:
To whom it may concern,
Today I have come to you with the question of how to block
users from spamming with smtp/25, behind NAT and the IP of
pfSense (< NAT). We do not wish/want to block the entire SMTP
traffic in the private range to the world, because there are
important clients behind the pfSense, who actually behave
normally. We thought about forcing all the SMTP traffic to be
redirected through the pfSense machine, so it can be
scanned/blocked (even when the user decides not to do this
and wants to use their own SMTP server). Is there some
documentation for this or rate-limiting available? Might you
have any solutions for the problem described above?
The current situation causes our server to be blocked at
blacklists.
Hopefully somebody can help me out!
Thanks in advance,
Mikey van der Worp
--
Mikey van der Worp
System Administrator
Utelisys Communications B.V.
Trinity Buildings
Tower A, 7th floor
Pietersbergweg 15
1105 BM Amsterdam
Tel +31 - 20 - 561 8010
Fax +31 - 20 - 561 8021
_______________________________________________
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list
--
Regards,
Jorge Severino
Personal mobile number: 08-7775834
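
The thread's suggestion of finding the host that is "spewing mail" from the Postfix logs and acting on anything over 100 messages in an hour can be sketched as follows. This is an added example, not code from the thread or from pfSense; it assumes the spam gateway runs Postfix with the default syslog line format, and the host names, addresses and queue IDs in the sample are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Postfix smtpd writes one "QUEUEID: client=host[ip]" line per message it queues.
CLIENT_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s\S+\spostfix/smtpd\[\d+\]:\s"
    r"[0-9A-Za-z]+:\sclient=[^\[]*\[(?P<ip>[^\]]+)\]")

def parse(lines, year=2014):
    """Yield (timestamp, client_ip); syslog omits the year, so it is passed in."""
    for line in lines:
        m = CLIENT_RE.match(line)
        if m:
            yield datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S"), m["ip"]

def noisy_hosts(lines, limit=100, window=timedelta(hours=1)):
    """Return {ip: peak} for clients that queued more than `limit` messages
    inside any sliding `window` (not just in total)."""
    by_ip = defaultdict(list)
    for ts, ip in parse(lines):
        by_ip[ip].append(ts)
    flagged = {}
    for ip, stamps in by_ip.items():
        stamps.sort()
        start = peak = 0
        for end, ts in enumerate(stamps):
            while ts - stamps[start] >= window:   # drop entries older than the window
                start += 1
            peak = max(peak, end - start + 1)
        if peak > limit:
            flagged[ip] = peak
    return flagged

def sample_log():
    """Constructed log lines: hostnames, addresses and queue IDs are made up."""
    base, lines = datetime(2014, 10, 9, 12, 0, 0), []
    def add(host, ip, count, gap_s):
        for i in range(count):
            t = base + timedelta(seconds=gap_s * i)
            lines.append(f"{t:%b} {t.day:2d} {t:%H:%M:%S} gw postfix/smtpd[2101]: "
                         f"{len(lines):010X}: client={host}[{ip}]")
    add("pc17.lan", "192.168.1.117", 150, 20)    # 150 messages in 50 minutes
    add("nas.lan", "192.168.1.20", 120, 120)     # 120 messages, but only 30 per hour
    add("copier.lan", "192.168.1.50", 5, 600)    # normal scan-to-mail volume
    lines.append("Oct  9 12:00:05 gw postfix/smtpd[2101]: disconnect from pc17.lan[192.168.1.117]")
    return lines

if __name__ == "__main__":
    for ip, peak in noisy_hosts(sample_log()).items():
        print(f"{ip}: {peak} messages within one hour")
```

Because the firewall rules leave the gateway as the only unauthenticated SMTP path, the client address in these lines is the internal host itself, which is what makes the per-host count meaningful.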