Solved

Using iptables to drop connections with certain ip addresses

Posted on 2004-09-13
6
1,064 Views
Last Modified: 2008-02-01
Hello all,

I am running a Postfix mail server that uses RBL lists and spamassassin to filter out the junk mail.  However I noticed an increase in spam on my account coming from the same IP address.  Is there a way I can setup iptables or even postfix to drop the connection or reject the mail from a certain IP address?  Maybe I can setup my own rbl list and add addresses that I want rejected.  Any ideas?  I am giving this one 250 points.

Thanks,

Johnathon B. Allread
0
Comment
Question by:jballread
6 Comments
 
LVL 51

Accepted Solution

by:
ahoffmann earned 250 total points
ID: 12044437
# for the firewal on the server running the MTA
iptables -I INPUT 1 -p tcp -s IP-address --dport 25 -j DROP

# for a firewall in front of the MTA
iptables -I FORWARD 1 -p tcp -s IP-address --dport 25 -j DROP
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 12044446
BTW, postfix itself can also block based on sender-addresses
0
 
LVL 22

Expert Comment

by:pjedmond
ID: 12139192
Postfix is probably the best approach for dealing with this type of problem. This is because, only emails to port 25 will be checked against the rule set. If you add the rules to your iptables, then the checks are against every packet arriving. OK this is simplistic...but you get the idea...especially if you end up trying to block a couple of thousand spam addresses?

Basically, you just create a list of addresses that you want blacklisting in a table and get Postfix to react to mails from those addresses. See here for further details:

http://techrepublic.com.com/5100-6313_11-5055103.html

HTH:)
0
Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 22

Expert Comment

by:pjedmond
ID: 12139210
The following page is potentially of use:

http://techrepublic.com.com/5100-6313-5055103-2.html

and provides an interesting approach using postfix to deal with a similar problem to the one you have:)
0
 

Expert Comment

by:benjamin_smee
ID: 12240885
http://www.postfix.org/spam.html#smtpd_client_restrictions
will answer all of your questions.

basically put what you want to block in /etc/postfix/access list and then make the appropriate config changes and rehup postfix for it to take effect
0
 
LVL 2

Expert Comment

by:garak1357
ID: 12448597
I use a firewall that has a built in list of banned IP addresses.
When I find someone I want to block, I simply edit the text file
and add their IP address.  You might want to take a look at it.

homeLANsecurity 1.4.1

http://www.unixpages.com/hls
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
vsftp -- 553 could not create file 5 419
configure OpenVpn client settings from .ovpn file for dd-wrt router 7 77
Help with Security Onion/Snorby 14 99
Rule Iptables 1 60
​Being a Managed Services Provider (MSP) has presented you  with challenges in the past— and by meeting those challenges you’ve reaped the rewards of success.  In 2014, challenges and rewards remain; but as the Internet and business environment evol…
Fine Tune your automatic Updates for Ubuntu / Debian
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now