Limit port 25 to network range how?
Piet4220 last edited by
I'm quite new to Pfsense, and I'm trying to limit SMTP access to my mail server, my anti-spam provider i s Postini and there guide says to restrict port 25 to ther ip range 220.127.116.11/20 how can I do that in Pfsense?
Cry Havok last edited by
If you have a default deny stance then create a rule on the LAN interface allowing access with a destination networkof 18.104.22.168/20 and a destination port of 25/TCP. If you have a default allow rule then create a rule on the LAN interface denying access to not destination network 22.214.171.124/20 where the destination port is 25/TCP.
Optionally add a source IP of the SMTP server on your LAN.
Sounds like maybe you're wanting the reverse of what Cry Havok was explaining but the idea is the same.
If you only want to accept mail for your local server from Postini, then you need just one rule on the WAN tab for SMTP:
Pass TCP from 126.96.36.199/20 to (your mail server IP) port 25.
If you have any other SMTP rules allowing port 25 to your mail server, they should be removed or changed so the Postini rule is the only one referencing port 25 to the mail server.