Solved

Using iptables to drop connections with certain ip addresses

Posted on 2004-09-13
6
1,072 Views
Last Modified: 2008-02-01
Hello all,

I am running a Postfix mail server that uses RBL lists and spamassassin to filter out the junk mail.  However I noticed an increase in spam on my account coming from the same IP address.  Is there a way I can setup iptables or even postfix to drop the connection or reject the mail from a certain IP address?  Maybe I can setup my own rbl list and add addresses that I want rejected.  Any ideas?  I am giving this one 250 points.

Thanks,

Johnathon B. Allread
0
Comment
Question by:jballread
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 51

Accepted Solution

by:
ahoffmann earned 250 total points
ID: 12044437
# for the firewal on the server running the MTA
iptables -I INPUT 1 -p tcp -s IP-address --dport 25 -j DROP

# for a firewall in front of the MTA
iptables -I FORWARD 1 -p tcp -s IP-address --dport 25 -j DROP
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 12044446
BTW, postfix itself can also block based on sender-addresses
0
 
LVL 22

Expert Comment

by:pjedmond
ID: 12139192
Postfix is probably the best approach for dealing with this type of problem. This is because, only emails to port 25 will be checked against the rule set. If you add the rules to your iptables, then the checks are against every packet arriving. OK this is simplistic...but you get the idea...especially if you end up trying to block a couple of thousand spam addresses?

Basically, you just create a list of addresses that you want blacklisting in a table and get Postfix to react to mails from those addresses. See here for further details:

http://techrepublic.com.com/5100-6313_11-5055103.html

HTH:)
0
Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

 
LVL 22

Expert Comment

by:pjedmond
ID: 12139210
The following page is potentially of use:

http://techrepublic.com.com/5100-6313-5055103-2.html

and provides an interesting approach using postfix to deal with a similar problem to the one you have:)
0
 

Expert Comment

by:benjamin_smee
ID: 12240885
http://www.postfix.org/spam.html#smtpd_client_restrictions
will answer all of your questions.

basically put what you want to block in /etc/postfix/access list and then make the appropriate config changes and rehup postfix for it to take effect
0
 
LVL 2

Expert Comment

by:garak1357
ID: 12448597
I use a firewall that has a built in list of banned IP addresses.
When I find someone I want to block, I simply edit the text file
and add their IP address.  You might want to take a look at it.

homeLANsecurity 1.4.1

http://www.unixpages.com/hls
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
Fine Tune your automatic Updates for Ubuntu / Debian
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…

742 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question