How to block port 25 for all machines except the mail server

I would like to block port 25 on our firewall so that nothing other than the real email server can send emails.

Consider that the mail server address is 10.0.0.1, the gateway is 10.0.0.254, and the gateway that connects to the internet through the router has the IP 192.168.0.100.
So the machine that is running IPTables is on 10.0.0.254 and the external NIC is 192.168.0.100.
What should my rule look like?

TIA,

Tom
Asked by: tom_szabo

Blaz commented:
iptables -I FORWARD -p tcp --dport 25 -j DROP
iptables -I FORWARD -s 10.0.0.1 -p tcp --dport 25 -j ACCEPT

These rules will drop every connection to port 25 if not coming from your email server. Note that I wrote "-I", which means insert at the beginning - the rules will be reversed in the FORWARD chain.
Question has a verified solution.
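
A way to check the rule order the answer relies on, as an added example that is not part of the original thread: the function walks an `iptables -S FORWARD` listing top to bottom and reports which target a port 25 connection from a given source hits first. The function name `smtp_verdict`, the two listings and the host 10.0.0.57 are constructed for illustration.

```shell
#!/bin/sh
# smtp_verdict SRC_IP: read `iptables -S FORWARD` output on stdin and print
# the target of the first rule matching a TCP connection from SRC_IP to port 25.
# Assumption: only -s (single host), -p and --dport are modelled; rules that
# use other match options (-i, -d, -m state, ...) are outside this model.
smtp_verdict() {
    awk -v src="$1" '
        $1 == "-P" { policy = $3; next }   # chain policy, used when no rule matches
        $1 != "-A" { next }
        {
            rule_src = ""; proto = ""; dport = ""; target = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-s")      rule_src = $(i + 1)
                if ($i == "-p")      proto    = $(i + 1)
                if ($i == "--dport") dport    = $(i + 1)
                if ($i == "-j")      target   = $(i + 1)
            }
            sub(/\/32$/, "", rule_src)     # iptables -S prints hosts as a.b.c.d/32
            # An option that is absent from a rule matches everything.
            if (proto != "" && proto != "tcp") next
            if (dport != "" && dport != "25") next
            if (rule_src != "" && rule_src != src) next
            if (!decided) { verdict = target; decided = 1 }   # first match wins
        }
        END { print (decided ? verdict : policy) }
    '
}

# Constructed listing: the chain after the two -I commands from the answer.
# The second insert lands above the first, so ACCEPT precedes DROP.
inserted_order='-P FORWARD ACCEPT
-A FORWARD -s 10.0.0.1/32 -p tcp -m tcp --dport 25 -j ACCEPT
-A FORWARD -p tcp -m tcp --dport 25 -j DROP'

# Constructed listing: the same two commands typed with -A instead of -I.
appended_order='-P FORWARD ACCEPT
-A FORWARD -p tcp -m tcp --dport 25 -j DROP
-A FORWARD -s 10.0.0.1/32 -p tcp -m tcp --dport 25 -j ACCEPT'

echo "mail server, -I order: $(printf '%s\n' "$inserted_order" | smtp_verdict 10.0.0.1)"
echo "other host,  -I order: $(printf '%s\n' "$inserted_order" | smtp_verdict 10.0.0.57)"
echo "mail server, -A order: $(printf '%s\n' "$appended_order" | smtp_verdict 10.0.0.1)"
```

On the gateway itself the same check can be fed live data with `iptables -S FORWARD | smtp_verdict 10.0.0.1`.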