Solved

Using iptables to drop connections with certain ip addresses

Posted on 2004-09-13
6
1,076 Views
Last Modified: 2008-02-01
Hello all,

I am running a Postfix mail server that uses RBL lists and spamassassin to filter out the junk mail.  However I noticed an increase in spam on my account coming from the same IP address.  Is there a way I can setup iptables or even postfix to drop the connection or reject the mail from a certain IP address?  Maybe I can setup my own rbl list and add addresses that I want rejected.  Any ideas?  I am giving this one 250 points.

Thanks,

Johnathon B. Allread
0
Comment
Question by:jballread
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 51

Accepted Solution

by:
ahoffmann earned 250 total points
ID: 12044437
# for the firewal on the server running the MTA
iptables -I INPUT 1 -p tcp -s IP-address --dport 25 -j DROP

# for a firewall in front of the MTA
iptables -I FORWARD 1 -p tcp -s IP-address --dport 25 -j DROP
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 12044446
BTW, postfix itself can also block based on sender-addresses
0
 
LVL 22

Expert Comment

by:pjedmond
ID: 12139192
Postfix is probably the best approach for dealing with this type of problem. This is because, only emails to port 25 will be checked against the rule set. If you add the rules to your iptables, then the checks are against every packet arriving. OK this is simplistic...but you get the idea...especially if you end up trying to block a couple of thousand spam addresses?

Basically, you just create a list of addresses that you want blacklisting in a table and get Postfix to react to mails from those addresses. See here for further details:

http://techrepublic.com.com/5100-6313_11-5055103.html

HTH:)
0
Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

 
LVL 22

Expert Comment

by:pjedmond
ID: 12139210
The following page is potentially of use:

http://techrepublic.com.com/5100-6313-5055103-2.html

and provides an interesting approach using postfix to deal with a similar problem to the one you have:)
0
 

Expert Comment

by:benjamin_smee
ID: 12240885
http://www.postfix.org/spam.html#smtpd_client_restrictions
will answer all of your questions.

basically put what you want to block in /etc/postfix/access list and then make the appropriate config changes and rehup postfix for it to take effect
0
 
LVL 2

Expert Comment

by:garak1357
ID: 12448597
I use a firewall that has a built in list of banned IP addresses.
When I find someone I want to block, I simply edit the text file
and add their IP address.  You might want to take a look at it.

homeLANsecurity 1.4.1

http://www.unixpages.com/hls
0

Featured Post

Stressed Out?

Watch some penguins on the livecam!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

​Being a Managed Services Provider (MSP) has presented you  with challenges in the past— and by meeting those challenges you’ve reaped the rewards of success.  In 2014, challenges and rewards remain; but as the Internet and business environment evol…
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question