From: mourik jan c heupink <heupink@intech.unu.edu>
To: "netfilter@lists.netfilter.org" <netfilter@lists.netfilter.org>
Subject: RE: howto only allow outgoing mail from certain hosts
Date: 01 Oct 2002 21:20:50 +0200 [thread overview]
Message-ID: <1033500050.1134.7.camel@suse8> (raw)
In-Reply-To: <0EB90DD25728C04CBD401CDCD72D2A655A8E@homer.no.laasby.com>
Thank you all very much...!
You are a bunch of very helpful people here!
Never had so many replies to a single question (and so fast also!)
Thanks, and things are running just as i want them to, now.
Yours,
Mourik Jan
On Tue, 2002-10-01 at 18:03, Kjetil Laasby wrote:
> Hi.
>
> Try to put your "excluding" networks first - like
>
> iptables -A FORWARD -s mailserver1 -p tcp --dport 25 -j ACCEPT // That's
> OK
> iptables -A FORWARD -s mailserver2 -p tcp --dport 25 -j ACCEPT // That's
> OK
> iptables -A FORWARD -s 0.0.0.0/0 -p tcp --dport 25 -j DROP // Anything
> else
>
> Syntax may not be right here, just working from my head..
>
> Regards,
> Kjetil
>
> -----Original Message-----
> From: Heupink, Mourik Jan C. [mailto:Heupink@INTECH.UNU.EDU]
> Sent: 1. oktober 2002 16:09
> To: 'netfilter@lists.netfilter.org'
> Subject: howto only allow outgoing mail from certain hosts
>
> Hello all.
>
> The subject says it all, really. I want to (of course) allow OUTGOING
> mail
> from our domain, from only two designated servers. So, drop outgoing
> mail
> from any other host.
>
> I can't seem to produce the iptables command to get this to work...
> (using
> forward chain, because using transp. bridging firewall...)
>
> I guess this: iptables -A FORWARD -s x.x.x.0/24 -p tcp --dport 25
> -REJECT
> would drop all outgoing mail, right? (i guess the way to select outgoing
> mail traffic would be to use --dport..?)
>
> Now i have to find a way to make an exclusion in that rule. something
> like
> -s x.x.x.0/24 EXCEPT x.x.x.y
>
> Could anyone shed some light onto this..?
>
> Thanks very much in advance,
> Yours,
> Mourik Jan
>
next parent reply other threads:[~2002-10-01 19:20 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <0EB90DD25728C04CBD401CDCD72D2A655A8E@homer.no.laasby.com>
2002-10-01 19:20 ` mourik jan c heupink [this message]
2002-10-01 14:08 howto only allow outgoing mail from certain hosts Heupink, Mourik Jan C.
2002-10-01 15:38 ` Boryan Yotov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1033500050.1134.7.camel@suse8 \
--to=heupink@intech.unu.edu \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.