Block SMTP on LAN besides Mail server
What's the best way to block SMTP on a LAN (besides the actual mail server)? We got hit and a user started sending spam out. We caught it right away but got bl. In pfSense I created an alias called mailservers. Then defined the machines by their IP. In the LAN firewall tab I created a rule that blocks port 25 except the alias list. I have the rule before any allows but it still doesn't block SMTP. I set up an SMTP server on a workstation to see if it would be blocked and it can still send off emails. I know I'm missing something. I tried searching the forum and while I do see some talk on how to do this I don't see any specific examples. To date we have just had the allow all outgoing but I think it's too dangerous so I need to start limiting what goes out.
chpalmer last edited by
LAN subnet to WAN port 25 to mail server IP. Allow.
LAN subnet to WAN port 25 any. Block.
Thanks for the reply. I will see if that will work.
cmb last edited by
Should be LAN to any on both those, not to WAN, otherwise correct.
Thanks! That worked perfectly.
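The difference between a destination of WAN and a destination of any, as an added example that is not part of the original thread: a small first-match rule evaluator run against both rule sets. It assumes "WAN" in the rule meant the firewall's own WAN subnet and that the existing allow-all-outgoing rule sits below the SMTP rules; all addresses, `evaluate` and `ruleset` are constructed for illustration and are not pfSense code.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed addresses (documentation ranges), not taken from the thread.
LAN_NET = ipaddress.ip_network("192.168.1.0/24")
WAN_NET = ipaddress.ip_network("198.51.100.0/24")        # firewall's own WAN subnet
MAILSERVERS = [ipaddress.ip_network("192.168.1.10/32")]  # the "mailservers" alias
ANY = [ipaddress.ip_network("0.0.0.0/0")]

@dataclass
class Rule:
    action: str            # "pass" or "block"
    src: list              # source networks
    dst: list              # destination networks
    port: Optional[int]    # None means any port

def evaluate(rules, src, dst, port):
    """First matching rule on the LAN tab wins; no match means default deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules:
        if (any(s in n for n in r.src) and any(d in n for n in r.dst)
                and r.port in (None, port)):
            return r.action
    return "block"

def ruleset(smtp_dst):
    """The two SMTP rules from the thread, above the old allow-all rule."""
    return [
        Rule("pass", MAILSERVERS, smtp_dst, 25),   # mail servers may send
        Rule("block", [LAN_NET], smtp_dst, 25),    # everyone else may not
        Rule("pass", [LAN_NET], ANY, None),        # pre-existing allow all outgoing
    ]

TO_WAN = ruleset([WAN_NET])   # destination limited to the WAN subnet
TO_ANY = ruleset(ANY)         # destination any, as in the corrected rules

if __name__ == "__main__":
    remote_mx = "203.0.113.25"   # constructed Internet mail host
    for name, rules in (("dst=WAN", TO_WAN), ("dst=any", TO_ANY)):
        print(name, "workstation ->", evaluate(rules, "192.168.1.50", remote_mx, 25))
        print(name, "mail server ->", evaluate(rules, "192.168.1.10", remote_mx, 25))
```

With the WAN destination, a workstation's connection to an Internet mail host matches neither SMTP rule and falls through to the allow-all rule; with any, the block rule catches it while the mail server still passes.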