Limit port 25 to network range how?
-
Hello,
I'm quite new to Pfsense, and I'm trying to limit SMTP access to my mail server, my anti-spam provider i s Postini and there guide says to restrict port 25 to ther ip range 207.126.144.0/20 how can I do that in Pfsense?
Kind regards
Piet -
If you have a default deny stance then create a rule on the LAN interface allowing access with a destination networkof 207.126.144.0/20 and a destination port of 25/TCP. If you have a default allow rule then create a rule on the LAN interface denying access to not destination network 207.126.144.0/20 where the destination port is 25/TCP.
Optionally add a source IP of the SMTP server on your LAN.
-
Sounds like maybe you're wanting the reverse of what Cry Havok was explaining but the idea is the same.
If you only want to accept mail for your local server from Postini, then you need just one rule on the WAN tab for SMTP:
Pass TCP from 207.126.144.0/20 to (your mail server IP) port 25.
If you have any other SMTP rules allowing port 25 to your mail server, they should be removed or changed so the Postini rule is the only one referencing port 25 to the mail server.
