RE: [qmailtoaster] Spamassassin how-to improve spam catch

[ashok]

Hello Igor,,   Thank you so muchJ   I have done it.   Regards ashok   From: Igor Smitran [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 18, 2006 6:17 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Spamassassin how-to improve spam catch   ---- Original Message ---- From: ashok > >   Everytime my IP blocked I put a request to unblock it … But now its > happening frequently. > >    This happens due to virus attack in LAN and those viruses start > sending emails out from Private LAN – Nated to using gateway IP to > Internet .  > > Pls Suggest me a way to fix this . > > Thanks  & Regards > ashok Problem is this: when your client gets virus virus sends himself in a way that he mades direct connection to remote mail server, port 25. When lot of complaints gets to one of RBL's you have your machine blocked.   All you need to do is to add iptables drop in forward chain, something like this:   iptables -I FORWARD 1 -i ethx -p tcp -s xxx.xxx.xxx.xxx/24 --dport 25 -j DROP   number 1 means that this rule will be first rule in chain ethx is your nated interface xxx.xxx.xxx.xxx/24 is your nated network   If you want your clients to be able to send mails put one ACCEPT rule before this DROP, to allow connections to YOUR mail server.   Igor