Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Spamhause Blacklist & Port 25 traffic

    Scheduled Pinned Locked Moved Firewalling
    blacklist
    2 Posts 2 Posters 696 Views 2 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M Offline
      mrpfsense
      last edited by

      Recently, over the last three weeks were have been placed on the spamhause blacklist. Spamhause is suggesting port 25 is leaking traffic.

      If spamhause is correct:

      1. how do i monitor or trace what traffic (specifically on port 25) is leaving the pfsense server?
      2. how do i configure pfsense to only allow traffic on port 25 from one server?

      Thanks for your help.

      S 1 Reply Last reply Reply Quote 0
      • S Offline
        SteveITS Rebel Alliance @mrpfsense
        last edited by SteveITS

        @mrpfsense
        (don't do this but)
        1 ) on LAN add a firewall rule that passes port 25 outbound to any and logs it.

        instead do:
        2a) on LAN allow port 25 outbound from the one server IP, and
        2b) second rule after 2a: on LAN block port 25 outbound and log it

        If spam is being sent that implies a PC is infected. Alternately Spamhaus has other lists like the policy list were the ISP reports it shouldn't be sending mail at all...often set for DHCP IPs.

        Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to reboot, or more depending on packages, and device or disk speed.
        Upvote 👍 helpful posts!

        1 Reply Last reply Reply Quote 1
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.