From: David Harel <hareldvd@ergolight-sw.com>
To: netfilter@lists.netfilter.org
Subject: How to block sending mail from local network.
Date: Sat, 07 Feb 2004 12:51:33 +0200
Message-ID: <4024C335.7080705@ergolight-sw.com>

Hi all,
I have a small local network and a Linux machine as a gateway to the
Internet. On the Linux machine I started iptables using the script from
Oscar Andreasson's tutorial at:
http://iptables-tutorial.frozentux.net/iptables-tutorial.html
Using his script: rc.DHCP.firewall.
This script implements masquerading service to the internal network and
provides firewall security.
The problem started when I was suspected of having a MyDoom virus or
some other worm that sends unsolicited messages. Most likely this can
happen to any of the machines on the internal network.
In Oscar's script the local network is treated liberally, allowing them
to do everything, assuming that illegal activity will be blocked elsewhere
by the firewall. This is done using the command:
$IPTABLES -A INPUT -p ALL -i $LAN_IFACE -s $LAN_IP_RANGE -j ACCEPT
where LAN_IFACE is eth0 and LAN_IP_RANGE is 10.0.0/24 (of course
IPTABLES is /usr/sbin/iptables)
I want to block smtp operations from the local network so the
viruses/worms will be blocked.
I tried a command:
$IPTABLES -A OUTPUT -p TCP -i $LAN_IFACE -s $LAN_IP_RANGE --dport smtp -j DROP
but it did nothing.
What can I do to block those message-sending attempts?
--
Thanks.
David Harel,
==================================
Home office +972 4 6921986
Fax: +972 4 6921986
Cellular: +972 54 534502
Snail Mail: Amuka
D.N Merom Hagalil
13802
Israel
Email: hareldvd@ergolight-sw.com
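
Mail sent by LAN hosts is routed through the gateway, so it traverses the FORWARD chain; OUTPUT only sees packets generated on the gateway itself and has no input interface to match with -i. The sketch below is an added example, not part of the original message or of Oscar Andreasson's script: it prints FORWARD rules that log and drop outbound SMTP from the LAN, optionally allowing one approved relay. The function names and the relay argument are hypothetical, and the LAN range is assumed to be 10.0.0.0/24.

```shell
#!/bin/sh
# Added example, not from the original message. IPTABLES and LAN_IFACE are
# the values given in the post; the LAN range is an assumption, written in full.
IPTABLES=/usr/sbin/iptables
LAN_IFACE=eth0
LAN_IP_RANGE=10.0.0.0/24

# Return 0 if an interface option can be used in a chain, 1 if it cannot.
# -i exists only where a packet has an input interface (INPUT, FORWARD,
# PREROUTING); -o only where it has an output one (OUTPUT, FORWARD,
# POSTROUTING).
iface_opt_valid() {
    case "$2:$1" in
        -i:INPUT|-i:FORWARD|-i:PREROUTING) return 0 ;;
        -o:OUTPUT|-o:FORWARD|-o:POSTROUTING) return 0 ;;
        *) return 1 ;;
    esac
}

# Print the rules that stop LAN hosts from opening SMTP connections through
# the gateway. Optional $1: the one mail relay LAN hosts may still reach.
smtp_block_rules() {
    relay=${1:-}
    match="-i $LAN_IFACE -s $LAN_IP_RANGE -p tcp --dport 25"
    n=1   # -I with a position keeps these ahead of any broad FORWARD ACCEPT
    if [ -n "$relay" ]; then
        echo "$IPTABLES -I FORWARD $n $match -d $relay -j ACCEPT"
        n=$((n + 1))
    fi
    # Rate-limited log line names the LAN host that is trying to send mail.
    echo "$IPTABLES -I FORWARD $n $match -m limit --limit 6/min" \
         "-j LOG --log-prefix 'LAN-SMTP: '"
    echo "$IPTABLES -I FORWARD $((n + 1)) $match -j DROP"
}

# The rule from the post pairs -i with OUTPUT, which has no input interface.
iface_opt_valid OUTPUT -i || echo "# -i cannot be matched in OUTPUT" >&2

# Dry run by default; "apply [relay]" pipes the same rules to sh (needs root).
if [ "${1:-}" = "apply" ]; then
    smtp_block_rules "${2:-}" | sh
else
    smtp_block_rules "${2:-}"
fi
```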