Our mail setup uses Postini to handle spam and viruses. It costs money but does a decent job, with no admin required (anyway, changing that isn't an option at the moment). The trouble is with the spammers who ignore MX and scan for open SMTP ports, and thus bypass Postini.
Having just upgraded our mail server to 7.0-RELEASE (yeah, started too early for 7.1), I want to address this issue, too. I spent most of the day fighting with the mailfromd milter, but I think it's not the right tool in the end.
So I'm looking for a dead-simple ipfilter configuration:
- allow all traffic not on port 25
- allow port 25 from 64.18.0.0/20
- allow port 25 from 207.126.144/20
- disallow other port 25
So trying to figure out what I need ...
Code:
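# ipf applies the last matching rule unless a rule is marked "quick",
# so the port 25 rules carry "quick" to stop evaluation at the first match.
pass out on bge0 from any to any
pass in on bge0 from any to any port < 25
pass in on bge0 from any to any port > 25
pass in quick on bge0 from 64.18.0.0/20 to any port = 25
pass in quick on bge0 from 207.126.144.0/20 to any port = 25
pass in quick on bge0 from 127.0.0.1 to any port = 25
block in quick on bge0 from any to any port = 25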
Does this make sense? I'm always hesitant about firewall rules lest I block myself out! :\
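ipf checks a packet against every rule and applies the last one that matches, unless a matching rule is marked `quick`. The Python model below is an added example, not part of the original post: it evaluates a port 25 allow-list like the one asked about, once without and once with `quick`. The rule tuples, the `decide` helper, the sample packets and the default-pass policy are assumptions made for illustration.

```python
import ipaddress

# Simplified model of ipf evaluation (assumption: only the source network and
# destination port are compared; interface, protocol and state are ignored).
# Rule tuple: (action, quick, source_cidr, port_operator, port)
def rules(quick):
    """Port 25 allow-list; `quick` toggles the keyword on the port 25 rules."""
    return [
        ("pass", False, "0.0.0.0/0", "<", 25),
        ("pass", False, "0.0.0.0/0", ">", 25),
        ("pass", quick, "64.18.0.0/20", "=", 25),
        ("pass", quick, "207.126.144.0/20", "=", 25),
        ("block", quick, "0.0.0.0/0", "=", 25),
    ]

OPS = {"<": lambda a, b: a < b, ">": lambda a, b: a > b, "=": lambda a, b: a == b}

def decide(ruleset, src, dport, default="pass"):
    """Return the verdict for an inbound packet: last match wins, `quick` stops."""
    verdict = default  # assumed default policy when nothing matches
    addr = ipaddress.ip_address(src)
    for action, quick, cidr, op, port in ruleset:
        if addr in ipaddress.ip_network(cidr) and OPS[op](dport, port):
            verdict = action
            if quick:
                break  # a matching quick rule ends evaluation
    return verdict

# Constructed sample packets: (source address, destination port)
SAMPLES = [
    ("64.18.1.10", 25),      # inside the first allowed range
    ("207.126.150.7", 25),   # inside the second allowed range
    ("198.51.100.23", 25),   # direct-to-port-25 sender outside both ranges
    ("198.51.100.23", 22),   # non-SMTP traffic, e.g. an admin SSH session
]

def report(quick):
    """Map each sample packet to its verdict under the chosen ruleset."""
    return {pkt: decide(rules(quick), *pkt) for pkt in SAMPLES}

if __name__ == "__main__":
    for q in (False, True):
        print("with quick" if q else "without quick")
        for pkt, verdict in report(q).items():
            print(f"  {pkt[0]:>15} -> port {pkt[1]:<3} {verdict}")
```

On the server itself, `ipf -n -f` followed by the rules file parses the file without loading anything into the running kernel.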