Mind Dump, Tech And Life Blog
written by Ivan Alenko
published under license Attribution-ShareAlike 4.0 International (CC BY-SA 4.0)
posted at 24. Aug '21

Ban SMTP for All Computers on the Local Network, to All Destinations

This is needed; otherwise you will end up on the Spamhaus blacklist within a few minutes. It is impossible to manage all devices on the network, and viruses and malware use this to spam people. It is useful to allow some servers, like gmail.com and the big hosting providers in the country.

2021: I have to add that the situation has changed in recent years: just keep it banned, with no port 25 forwarding and no exceptions. Clients should use port 587 to send email anyway, and real mail servers have PTR, SPF and other stuff.

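# Reject all forwarded TCP traffic to port 25 that leaves through eth1
iptables -I FORWARD -o eth1 -p tcp --dport 25 -j REJECT
# Exception for one mail server; -I puts it above the REJECT rule, and the hostname is resolved to an IP once, when the rule is added
iptables -I FORWARD -o eth1 -p tcp --dport 25 -d mail.telekom.sk -j ACCEPT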
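
A check for the 2021 advice above (port 25 rejected, no exceptions), as an added example that is not part of the original post: it reads an `iptables -S FORWARD` listing and reports any ACCEPT for port 25 that is reached before the blanket block. The function names, the sample listings and the 192.0.2.25 address are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Reads `iptables -S FORWARD` output
# on stdin and checks the "port 25 rejected, no exceptions" policy.
# Return status: 0 = blanket block, 1 = ACCEPT exception before it, 2 = no block.
# Limitation: only rules that name --dport 25 are examined.
audit_smtp_forward() {
    status=2
    exceptions=0
    while IFS= read -r rule; do
        case " $rule " in
            *" -p tcp "*" --dport 25 "*) ;;   # rule concerns TCP port 25
            *) continue ;;
        esac
        # ACCEPT before the block lets SMTP through. A REJECT/DROP limited by
        # -s/-d is only partial. The first unrestricted REJECT/DROP wins, so
        # rules after it no longer matter.
        case " $rule " in
            *" -j ACCEPT "*)
                echo "EXCEPTION: $rule"
                exceptions=$((exceptions + 1)) ;;
            *" -j REJECT "*|*" -j DROP "*)
                case " $rule " in
                    *" -s "*|*" -d "*) echo "PARTIAL: $rule" ;;
                    *) echo "BLOCK: $rule"; status=0; break ;;
                esac ;;
        esac
    done
    [ "$exceptions" -eq 0 ] || return 1
    return "$status"
}

# Constructed listing: the post's two rules as `iptables -S` would print them.
# 192.0.2.25 is a documentation address standing in for the resolved hostname.
sample_page_rules() {
    cat <<'EOF'
-P FORWARD ACCEPT
-A FORWARD -d 192.0.2.25/32 -o eth1 -p tcp -m tcp --dport 25 -j ACCEPT
-A FORWARD -o eth1 -p tcp -m tcp --dport 25 -j REJECT --reject-with icmp-port-unreachable
EOF
}

# Constructed listing: the 2021 policy, REJECT only.
sample_strict_rules() {
    cat <<'EOF'
-P FORWARD ACCEPT
-A FORWARD -o eth1 -p tcp -m tcp --dport 25 -j REJECT --reject-with icmp-port-unreachable
EOF
}

sample_page_rules | audit_smtp_forward || echo "policy not met (status $?)"
```

On a live router, feed it the real chain with `iptables -S FORWARD | audit_smtp_forward`.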
