LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 04-30-2009, 01:38 PM   #1
ridwan77
LQ Newbie
 
Registered: Mar 2006
Posts: 29

Rep: Reputation: 15
help me securing my mail server through iptables


Hello all,

I am new in linux and badly need your help.

I have a linux server running sendmail on it. I have eth0 with real ip(R.E.A.L) and eth1 with local network ip (192.168.6.0/24). A few days ago my server IP was blacklisted on CBL(Spamhaus.org) for spaming. tha spaming was generated from one of my local pc.

Now i want to secure my mail server through iptables. i want to block all my internal pc to send mail to port 25 except one PC(192.168.6.2) so that spambot can't send spam through my mail server.

Also is there any rules in iptables through which i can set a time limit(20 mails can be sent in 30 seconds from a pc) for sending mail to port 25.


Please help me out.
 
Old 04-30-2009, 02:31 PM   #2
repo
LQ 5k Club
 
Registered: May 2001
Location: Belgium
Distribution: Arch
Posts: 8,527

Rep: Reputation: 898Reputation: 898Reputation: 898Reputation: 898Reputation: 898Reputation: 898Reputation: 898
More important, did you cleaned the infected PC?
Do you know what happened?
 
Old 04-30-2009, 02:53 PM   #3
ridwan77
LQ Newbie
 
Registered: Mar 2006
Posts: 29

Original Poster
Rep: Reputation: 15
yes, i have cleaned those pcs. i found some spyware, malware, and also some viruses.
 
Old 04-30-2009, 08:57 PM   #4
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.8, Centos 5.10
Posts: 17,260

Rep: Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328
something like
Code:
iptables -I INPUT -i eth1 -s 192.168.6.2 --dport 25 -j ACCEPT
iptables -I INPUT -i eth1 --dport 25 -j DROP
See also http://www.netfilter.org/ & chap 42.8, 42.9 here http://www.linuxtopia.org/online_boo...ion/index.html
 
Old 04-30-2009, 08:57 PM   #5
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.8, Centos 5.10
Posts: 17,260

Rep: Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328Reputation: 2328
something like
Code:
iptables -I INPUT -i eth1 -s 192.168.6.2 --dport 25 -j ACCEPT
iptables -I INPUT -i eth1 --dport 25 -j DROP
See also http://www.netfilter.org/ & chap 42.8, 42.9 here http://www.linuxtopia.org/online_boo...ion/index.html
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
iptables help - securing mail server Ruthiness Linux - Security 2 02-14-2008 08:28 AM
Securing My Cacti Server With Iptables debloxie Linux - Networking 2 11-06-2006 02:09 AM
Iptables and mail server ciberrust Linux - Security 5 04-20-2006 11:45 AM
Securing server - SELinux or iptables or both? pingu Linux - Networking 2 11-10-2005 05:07 AM
Securing Mail and Web hosting server Tigger Linux - Security 1 05-31-2003 11:27 AM


All times are GMT -5. The time now is 11:03 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration