published under license Attribution-ShareAlike 4.0 International (CC BY-SA 4.0)copy! share!
posted in category Systems Software / Firewalls & Networking
posted at 24. Aug '21
Ban SMTP For Local Network All Computers And All Destinations
This is needed, otherwise you will be after a few minutes on blacklist on spamhaus. It is impossible to manage all devices on the network and viruses and malware use this to spam people. It is useful to enable some servers like gmail.com and big hosting providers in the country.
2021: I have to add that situation changed recent years and just keep it banned, no port 25 forward with no exceptions. Clients should use port 587 to send emails anyways and real mail servers have PTR, SPF and other stuff.
iptables -I FORWARD -o eth1 -p tcp --dport 25 -j REJECT iptables -I FORWARD -o eth1 -p tcp --dport 25 -d mail.telekom.sk -j ACCEPT