The "EHLO" greeting is not looked at by the firewall so that can be 

Can you enable logging on the rule allowing port 25, and verify where the 
packets are actually coming from?

In most cases we set our clients up with our spam filter and the inbound port 
25 rule allows connections only from the spam filter server IP ranges...


Steve Yates
ITS, Inc.

-----Original Message-----
From: List <> On Behalf Of Alberto José García 
Sent: Friday, May 18, 2018 11:52 AM
Subject: Re: [pfSense] How could I block messages trying to pass as from my net?

On Fri, 18-05-2018 at 16:24 +0000, Steve Yates wrote:
> I think your rule should work.  Are you sure there is not
> another rule above that one in the list of rules, that allows the
> inbound connection?  In other words the block rule has to be above
> the rule allowing traffic on port 25 to your mail server.
> --
> Steve Yates
> ITS, Inc.
That rule is the third in the WAN section, after the one blocking RFC
1918 networks and the one blocking bogon networks.

Could I create a rule saying, for instance: "reject packets originating
(apparently!) from the WAN address and directed to my WAN address"? (as
they are trying to forge identity)

Should that work?
M.Sc. Alberto García Fumero
Linux User 97 138, registered 10/12/1998
It is not the hours you put into your work that count, but the work
you put into those hours.

pfSense mailing list
Support the project with Gold!