Easy solution...block destination ports in the IN of the interface that the
computers/servers are connected to...i.e. on your LAN interface you have 1
email server and 100 computers...create a rule to only allow email from a
single server and then make another rule denying anything else.  In the Cisco
world you would do something like this:

[router]
ip access-list extended onlysmtpsvrs
 permit tcp host 192.168.1.10 any eq 25
 deny tcp any any eq 25
 ! allow all other traffic, otherwise the implicit deny drops it
 permit ip any any

interface eth0
 ip access-group onlysmtpsvrs in

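[pix or asa]
access-list onlysmtpsvrs extended permit tcp host 192.168.1.10 any eq 25
access-list onlysmtpsvrs extended deny tcp any any eq 25
! allow all other traffic, otherwise the implicit deny drops it
access-list onlysmtpsvrs extended permit ip any any

access-group onlysmtpsvrs in interface inside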

On pfSense you simply create a rule before your * * * * * * rule stating you
want to allow SMTP from one server and deny it for the rest, with your * * *
* * * being your last rule.
-- 
Curtis LaMasters
http://www.curtis-lamasters.com
http://www.builtnetworks.com
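
The rule order described in the message above can be checked with a small first-match model. This is an added example, not part of the original post; the rule tuples, the function names and the client address 192.168.1.55 are constructed for illustration.

```python
from ipaddress import ip_address, ip_network

# Constructed model of the rule set in the post: (action, proto, source, dst_port);
# None means "any". Order matters: the first matching rule decides.
RULES = [
    ("permit", "tcp", "192.168.1.10/32", 25),    # the one mail server
    ("deny",   "tcp", "0.0.0.0/0",       25),    # SMTP from every other host
    ("permit", None,  "0.0.0.0/0",       None),  # the existing * * * * * * rule, last
]

def evaluate(rules, proto, src, dport):
    """Return the action of the first matching rule; no match is an implicit deny."""
    for action, r_proto, r_src, r_port in rules:
        if r_proto not in (None, proto):
            continue
        if ip_address(src) not in ip_network(r_src):
            continue
        if r_port not in (None, dport):
            continue
        return action
    return "deny"

def audit(rules, mail_server="192.168.1.10", client="192.168.1.55"):
    """Evaluate the three flows the rule set is meant to treat differently."""
    return {
        "mail_server_smtp": evaluate(rules, "tcp", mail_server, 25),
        "client_smtp": evaluate(rules, "tcp", client, 25),
        "client_https": evaluate(rules, "tcp", client, 443),
    }

if __name__ == "__main__":
    print("order as posted:", audit(RULES))
    # Catch-all moved to the top: the SMTP deny is never reached.
    print("catch-all first:", audit([RULES[2]] + RULES[:2]))
    # No trailing permit: everything except the server's SMTP is dropped.
    print("no catch-all:   ", audit(RULES[:2]))
```
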
