Asked by itemc

Open Relay from Reverse DNS entry

Dear Experts

I am using IPCOP as my firewall and Blue Centos as my mail Server. I have two external IPs for my MX records for my domain. The first IP is and the other is used as my reverse DNS entry which is My mail server is in the green network and I have port forwarding in IPCOP which points to the mail server.

A couple days ago I started getting a lot of spam from my network, which I thought was due to a client's computer being infected, but after a lot of testing with Wireshark I ruled that out as I could not find the machine. I did block port 25 in IPCop by editing the rc.firewall.local.

After some research I came to find out that my reverse dns entry ( is an open relay. I just don't know how to close this relay. I would greatly appreciate the help.  


Email Servers, Linux Security


8/22/2022 - Mon
Pierre François

On IPCop, when you allow port forwarding to your mail server, which ports did you forward?

I have forwarded ports 110 and 25 on IP address I also had an open relay on the IPCOP router whose IP address is which I forward SMTP port 25 to this is a dead IP address.
Pierre François

I think there is a little confusion about what and how to forward:

You should forward tcp proto on port 110 and 25 to some local address inside the green network where your mail server resides, typically 10.0.100.x (where x != 99 which is dead) for SMTP and POP traffic.

For reverse DNS lookups, you have to forward udp proto 53 to the local machine running the DNS server.

Now, for avoiding spam, you c

Thank you pfrancois, I did figure out my problem after reading your message. We are going to change our system so instead of red and green we are going to have red, green and orange, so my mail server will be in a DMZ network. Thank you for the response.

Basically I saw where my configuration was wrong and which is the best way to get the network more secure.
Pierre François

Thank you for your consideration. Indeed, it is better to put the mail server into the orange DMZ.
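
A way to confirm the open-relay condition discussed in this thread is closed after the forwarding rules are changed, as an added example that is not part of any post above: it sends only the SMTP envelope (no message data) to each external IP and reports whether a recipient in a foreign domain is accepted. The probe addresses are placeholders, and it should be run from a host outside the network, since a mail server commonly permits relaying for its own LAN.

```python
import smtplib
import sys

# Placeholder envelope addresses (assumptions): use domains the tested server
# does not host, so acceptance can only mean relaying for third parties.
PROBE_SENDER = "relaytest@sender.example"
PROBE_RCPT = "relaytest@recipient.example"


def classify(rcpt_code):
    """Turn the RCPT TO reply code for a foreign recipient into a verdict."""
    if 200 <= rcpt_code < 300:
        return "OPEN RELAY"    # accepted a recipient in a domain it does not host
    if 400 <= rcpt_code < 500:
        return "DEFERRED"      # temporary refusal (e.g. greylisting): retest later
    return "RELAY DENIED"      # permanent refusal, e.g. 550/554 relay access denied


def check_relay(host, port=25, smtp_factory=smtplib.SMTP, timeout=15):
    """Send only the SMTP envelope (no DATA) and report how the server answers."""
    try:
        conn = smtp_factory(host, port, timeout=timeout)
    except (OSError, smtplib.SMTPException) as exc:
        return "UNREACHABLE", str(exc)
    try:
        conn.ehlo_or_helo_if_needed()
        code, reply = conn.mail(PROBE_SENDER)
        if code >= 400:
            return "SENDER REJECTED", reply.decode(errors="replace")
        code, reply = conn.rcpt(PROBE_RCPT)
        return classify(code), reply.decode(errors="replace")
    except smtplib.SMTPException as exc:
        return "ERROR", str(exc)
    finally:
        try:
            conn.rset()        # abandon the transaction: nothing is delivered
            conn.quit()
        except (OSError, smtplib.SMTPException):
            pass


if __name__ == "__main__":
    # Usage: python relay_check.py <external-ip-1> <external-ip-2>
    for target in sys.argv[1:]:
        verdict, detail = check_relay(target)
        print(f"{target}: {verdict} ({detail})")
```

Check every external IP that forwards port 25, not only the address in the MX record; an "OPEN RELAY" verdict on any of them means that path still relays.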