Block SMTP on LAN besides Mail server
-
What's the best way to block SMTP on a LAN (besides the actual mail server)? We got hit and a user started sending spam out. We caught it right away but got bl. In pfSense I created an alias called mailservers. Then defined the machines by their IP. In the LAN firewall tab I created a rule that blocks port 25 except the alias list. I have the rule before any allows but it still doesn't block SMTP. I set up an SMTP server on a workstation to see if it would be blocked and it can still send off emails. I know I'm missing something. I tried searching the forum and while I do see some talk on how to do this I don't see any specific examples. To date we have just had the allow all outgoing but I think it's too dangerous so I need to start limiting what goes out.
-
Outbound rules:
LAN Subnet to WAN port 25 to mail server IP. Allow.
LAN Subnet to WAN port 25 any. Block.
Should work.
-
Thanks for the reply. I will see if that will work.
-
Should be LAN to any on both those, not to WAN, otherwise correct.
-
Thanks! That worked perfect.
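
Added example, not part of any post in this thread: a small first-match model of the LAN rule list, showing why a destination of WAN lets a workstation's SMTP fall through to the allow-all rule while a destination of any blocks it. The addresses are constructed, and treating the mailservers alias as the source of the allow rule is an assumption taken from the original question.

```python
import ipaddress

# Constructed sample addressing (assumptions, not values from the thread).
LAN_NET = ipaddress.ip_network("192.168.1.0/24")
WAN_NET = ipaddress.ip_network("203.0.113.0/29")        # subnet on the WAN interface
MAILSERVERS = {ipaddress.ip_address("192.168.1.10")}    # the "mailservers" alias
REMOTE_MX = "198.51.100.25"                             # some mail host on the internet

def matches(spec, ip):
    """spec is the string 'any', a network, or a set of addresses (an alias)."""
    return spec == "any" or ip in spec

def evaluate(rules, src, dst, port):
    """Walk the rules top-down; the first match decides, no match means block."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, r_src, r_dst, r_port in rules:
        if matches(r_src, src) and matches(r_dst, dst) and r_port in ("any", port):
            return action
    return "block"

def lan_rules(smtp_dst):
    """LAN tab rules in order; smtp_dst is the destination used on the port 25 rules."""
    return [
        ("pass",  MAILSERVERS, smtp_dst, 25),     # mail servers may send SMTP
        ("block", LAN_NET,     smtp_dst, 25),     # nobody else may
        ("pass",  LAN_NET,     "any",    "any"),  # existing allow-all outbound
    ]

BROKEN = lan_rules(WAN_NET)  # destination WAN: only matches addresses on the WAN subnet
FIXED = lan_rules("any")     # destination any: matches mail hosts on the internet

if __name__ == "__main__":
    for name, rules in (("dst=WAN", BROKEN), ("dst=any", FIXED)):
        for host in ("192.168.1.50", "192.168.1.10"):
            print(name, host, "-> tcp/25:", evaluate(rules, host, REMOTE_MX, 25))
```

With the destination set to WAN, the port 25 rules never match internet-bound mail, so every LAN host is passed by the allow-all rule further down.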