SMTP filtering

  • I am new to pfSense and am hoping to get some advice/help on how to filter SMTP traffic. I have a Comcast connection with a block of 5 static IP addresses; I have set up the IPs as virtual IP addresses. What I want to do is block outgoing SMTP traffic on all PCs except the servers. I also need to route the outgoing SMTP traffic from the servers that have permission to go out over one of the virtual IPs. I know it is all in the firewall rules, but I'm not quite sure which way to go about it. Any assistance would be great.

  • You need firewall rules to block SMTP traffic and an outbound NAT rule to force an IP to the server hosts.

    pfSense rules are top down, so create the allow server rules before the deny SMTP rule.

    Marcello Coutinho

  • Would you be able to give me a little more detail on how to set up the outbound NAT rule? I have been racking my brain to figure it out.

  • On Firewall -> NAT -> Outbound NAT

    Change mode to manual and add a mapping rule with:

    • interface: outbound interface you want to force the IP (wan2 for example)

    • source: SMTP server IP address

    • source port: any

    • destination: any

    • destination port: any or 25

    • NAT address: interface address or virtual IP
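
The rule order and the outbound NAT mapping described in the replies above, modeled as an added example that is not part of the thread and is not pfSense code. All addresses, rule lists and function names are constructed assumptions; it shows the first-match result for the mail server and for an ordinary PC, and what happens when the deny rule sits above the allow rule.

```python
import ipaddress

# Constructed addressing (assumptions, not values from the thread).
LAN = "192.168.1.0/24"
MAIL_SERVER = "192.168.1.10/32"
WAN_ADDRESS = "203.0.113.2"   # WAN interface address
MAIL_VIP = "203.0.113.5"      # virtual IP reserved for outgoing mail

# LAN rules, evaluated top down; the first matching rule decides.
LAN_RULES = [
    ("pass",  MAIL_SERVER, 25),    # allow server rule first
    ("block", LAN,         25),    # then deny SMTP for everyone else
    ("pass",  LAN,         None),  # default allow; None means any port
]

# Manual outbound NAT mappings on WAN: (source, destination port, NAT address).
NAT_RULES = [
    (MAIL_SERVER, 25,   MAIL_VIP),
    (LAN,         None, WAN_ADDRESS),
]

def _matches(src, dport, net, port):
    return (ipaddress.ip_address(src) in ipaddress.ip_network(net)
            and port in (None, dport))

def filter_action(src, dport, rules=LAN_RULES):
    """Return the action of the first matching rule; no match means block."""
    for action, net, port in rules:
        if _matches(src, dport, net, port):
            return action
    return "block"

def egress(src, dport, rules=LAN_RULES):
    """Return (action, source address seen on the Internet, or None)."""
    if filter_action(src, dport, rules) != "pass":
        return ("block", None)
    for net, port, nat_addr in NAT_RULES:
        if _matches(src, dport, net, port):
            return ("pass", nat_addr)
    return ("pass", None)  # manual mode: no mapping means no translation

if __name__ == "__main__":
    for src, dport in [("192.168.1.10", 25), ("192.168.1.50", 25),
                       ("192.168.1.50", 443), ("192.168.1.10", 443)]:
        print(src, dport, egress(src, dport))
    # Deny rule placed above the allow rule: the server is blocked too.
    print(egress("192.168.1.10", 25, [LAN_RULES[1], LAN_RULES[0], LAN_RULES[2]]))
```

Limiting the NAT mapping to destination port 25 sends only the server's mail out over the virtual IP; with destination port "any", all of the server's traffic would use it.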
