LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices



Reply
 
Search this Thread
Old 07-02-2007, 05:39 PM   #1
nytcrwlr70
LQ Newbie
 
Registered: Jul 2007
Posts: 2

Rep: Reputation: 0
How to Accept SMTP Requests for Subnet Only


Hello,

how do I allow ip addresses for subnet 192.165.x.x to access my server via SMTP but any other subnet outside of that group is rejected?

I tried the following syntax:

iptables -I INPUT 1 -s 192.165.0.0/16 -d 192.165.17.3 -p tcp --dport 25 --tcp-flags SYN,RST,ACK SYN -j ACCEPT

iptables -A INPUT -d 192.168.17.3 -j REJECT

Will this work?

Last edited by nytcrwlr70; 07-02-2007 at 05:55 PM.
 
Old 07-05-2007, 08:30 AM   #2
coolb
Member
 
Registered: Apr 2006
Location: Cape Town, South Africa
Distribution: Gentoo 2006.1(2.6.17-gentoo-r7)
Posts: 222

Rep: Reputation: 30
what about hosts.allow and hosts.deny ?
 
Old 07-06-2007, 07:21 AM   #3
TigerOC
Senior Member
 
Registered: Jan 2003
Location: Devon, UK
Distribution: Debian Etc/kernel 2.6.18-4K7
Posts: 2,380

Rep: Reputation: 49
This kind of restriction should be part of your MTA (Postfix certainly is able to define the network connection).
 
Old 07-06-2007, 10:58 AM   #4
nytcrwlr70
LQ Newbie
 
Registered: Jul 2007
Posts: 2

Original Poster
Rep: Reputation: 0
This is true. However, I want Postfix to drop e-mail from the outside world and only allow connections from within out internal network. Perhaps I'll take this to a Postfix forum.
 
Old 07-07-2007, 02:21 AM   #5
TigerOC
Senior Member
 
Registered: Jan 2003
Location: Devon, UK
Distribution: Debian Etc/kernel 2.6.18-4K7
Posts: 2,380

Rep: Reputation: 49
Quote:
Originally Posted by nytcrwlr70
This is true. However, I want Postfix to drop e-mail from the outside world and only allow connections from within out internal network. Perhaps I'll take this to a Postfix forum.
The easiest way to deal with this is not to forward port 25 on your external router interface. If the interface is closed then there is no connection to the outside world.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Redirect SMTP Requests ALInux Linux - Networking 2 08-03-2006 08:41 AM
IPchains rejecting smtp AND pop3 from different subnet wrighty Linux - Security 1 04-07-2006 04:19 PM
iptables accept ftp port only to specific subnet GUIPenguin Linux - Security 2 09-29-2005 11:24 AM
Server refusing SMTP connection requests Lunch Linux - Networking 3 03-16-2004 10:06 AM
How to let sendmail accept the ADSL connect to it SMTP explorer1979 Linux - General 1 07-16-2002 03:52 PM


All times are GMT -5. The time now is 05:05 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration