LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page How to Accept SMTP Requests for Subnet Only
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
LinkBack Search this Thread
Old 07-02-2007, 04:39 PM   #1
nytcrwlr70
LQ Newbie
 
Registered: Jul 2007
Posts: 2

Rep: Reputation: 0
How to Accept SMTP Requests for Subnet Only

Hello,

how do I allow ip addresses for subnet 192.165.x.x to access my server via SMTP but any other subnet outside of that group is rejected?

I tried the following syntax:

iptables -I INPUT 1 -s 192.165.0.0/16 -d 192.165.17.3 -p tcp --dport 25 --tcp-flags SYN,RST,ACK SYN -j ACCEPT

iptables -A INPUT -d 192.168.17.3 -j REJECT

Will this work?
Last edited by nytcrwlr70; 07-02-2007 at 04:55 PM.
 
Old 07-05-2007, 07:30 AM   #2
coolb
Member
 
Registered: Apr 2006
Location: Cape Town, South Africa
Distribution: Gentoo 2006.1(2.6.17-gentoo-r7)
Posts: 222

Rep: Reputation: 30
what about hosts.allow and hosts.deny ?
 
Old 07-06-2007, 06:21 AM   #3
TigerOC
Senior Member
 
Registered: Jan 2003
Location: Devon, UK
Distribution: Debian Etc/kernel 2.6.18-4K7
Posts: 2,380

Rep: Reputation: 48
This kind of restriction should be part of your MTA (Postfix certainly is able to define the network connection).
 
Old 07-06-2007, 09:58 AM   #4
nytcrwlr70
LQ Newbie
 
Registered: Jul 2007
Posts: 2

Original Poster
Rep: Reputation: 0
This is true. However, I want Postfix to drop e-mail from the outside world and only allow connections from within out internal network. Perhaps I'll take this to a Postfix forum.
 
Old 07-07-2007, 01:21 AM   #5
TigerOC
Senior Member
 
Registered: Jan 2003
Location: Devon, UK
Distribution: Debian Etc/kernel 2.6.18-4K7
Posts: 2,380

Rep: Reputation: 48
Quote:
Originally Posted by nytcrwlr70
This is true. However, I want Postfix to drop e-mail from the outside world and only allow connections from within out internal network. Perhaps I'll take this to a Postfix forum.
The easiest way to deal with this is not to forward port 25 on your external router interface. If the interface is closed then there is no connection to the outside world.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Redirect SMTP Requests ALInux Linux - Networking 2 08-03-2006 07:41 AM
IPchains rejecting smtp AND pop3 from different subnet wrighty Linux - Security 1 04-07-2006 03:19 PM
iptables accept ftp port only to specific subnet GUIPenguin Linux - Security 2 09-29-2005 10:24 AM
Server refusing SMTP connection requests Lunch Linux - Networking 3 03-16-2004 09:06 AM
How to let sendmail accept the ADSL connect to it SMTP explorer1979 Linux - General 1 07-16-2002 02:52 PM


All times are GMT -5. The time now is 09:49 AM.

Contact Us - Advertising Info - Rules - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
 
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: @linuxquestions
Open Source Consulting | Domain Registration