Netgate Discussion Forum

    Blocking incoming SMTP connections - What am I doing wrong?

    • asdm

      I'm trying to deny connection to port 25 from all but my spam filtering service.

      Config details:
      pfSense 2.0
      Virtual IP (public) established for the Email server along with a 1:1 NAT entry for the LAN IP.

      I have set up a NAT entry (with the automatic firewall rule) for SMTP with the source type of "Network" and the address 74.125.148.0/22, which is the network for the anti-spam service. Spammers are still able to talk to my email server, and I can telnet into port 25 from hosts other than the above-mentioned subnet.

      What am I doing wrong?

      • dotdash

        First, if you have a 1-1 NAT rule, you don't need a port-forward. Delete it. The default linked rule allows from all IPs. Add a firewall rule. Use 74.125.148.0/22 as the source, and as the destination the private IP of the email server and port 25.

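Added example, not part of either poster's text: a simplified first-match model of the WAN rule set, showing why a linked pass rule with source "any" lets every host reach port 25 and how the restricted rule from the reply changes the outcome. The private address 10.0.0.25, the rule descriptions and the probe addresses are constructed for illustration; only 74.125.148.0/22 and port 25 come from the thread.

```python
import ipaddress
from dataclasses import dataclass

FILTER_NET = ipaddress.ip_network("74.125.148.0/22")  # spam filter network from the thread
MAIL_LAN_IP = ipaddress.ip_address("10.0.0.25")       # hypothetical private IP of the mail server
ANY = ipaddress.ip_network("0.0.0.0/0")

@dataclass(frozen=True)
class Rule:
    action: str                     # "pass" or "block"
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Address      # post-NAT (private) address
    port: int
    descr: str

def evaluate(rules, src_ip, dst_ip=MAIL_LAN_IP, port=25):
    """First matching rule wins; no match falls through to the default deny."""
    src = ipaddress.ip_address(src_ip)
    for rule in rules:
        if src in rule.src and dst_ip == rule.dst and port == rule.port:
            return rule.action
    return "block"

def overbroad_smtp_rules(rules):
    """Pass rules for port 25 whose source is wider than the filter network."""
    return [r.descr for r in rules
            if r.action == "pass" and r.port == 25 and not r.src.subnet_of(FILTER_NET)]

# Constructed rule sets: the linked rule as described in the reply, then the fix.
BEFORE = [Rule("pass", ANY, MAIL_LAN_IP, 25, "linked port-forward rule (source any)")]
AFTER = [Rule("pass", FILTER_NET, MAIL_LAN_IP, 25, "SMTP from spam filter only")]

# Constructed probe sources: two inside the /22, two outside it.
PROBES = ["74.125.148.10", "74.125.151.255", "74.125.152.1", "203.0.113.7"]

def audit(rules):
    """Map each probe source to the action the rule set gives it on port 25."""
    return {ip: evaluate(rules, ip) for ip in PROBES}

if __name__ == "__main__":
    for name, rules in (("before", BEFORE), ("after", AFTER)):
        print(name, audit(rules), "overbroad:", overbroad_smtp_rules(rules))
```
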
        • asdm

          Thanks dotdash - this is exactly what was happening.
