|
---- Original Message ----
From: ashok > > Everytime my IP blocked I put a request to unblock it But now its > happening frequently. > > This happens due to virus attack in LAN and those viruses start > sending emails out from Private LAN Nated to using gateway IP to > Internet . > > Pls Suggest me a way to fix this . > > Thanks & Regards > ashok Problem is this: when your client gets virus virus
sends himself in a way that he mades direct connection to remote mail server,
port 25. When lot of complaints gets to one of RBL's you have your machine
blocked.
All you need to do is to add iptables drop in
forward chain, something like this:
iptables -I FORWARD 1 -i ethx -p tcp -s
xxx.xxx.xxx.xxx/24 --dport 25 -j DROP
number 1 means that this rule will be first rule in
chain
ethx is your nated interface
xxx.xxx.xxx.xxx/24 is your nated
network
If you want your clients to be able to send mails
put one ACCEPT rule before this DROP, to allow connections to YOUR mail
server.
Igor
|
- Re: [qmailtoaster] Spamassassin how-to improve spam catch Igor Smitran
