Block Outgoing SMTP Except for Mail Server
Need to configure the "In.Interface" properties. Set to the internal interface. (matching your LAN port/bridge)
Related videos on Youtube
holian
Updated on September 18, 2022Comments
-
holian almost 2 years
Masters,
Our ISP ask to solve a problem. They said we send many SPAM from our server. (they only give our router IP address, so we don"t know if we have SMTP flooders from infected cllient, our we send from our exchange server)
So we decided we need to configure our mikrotik router to only allow send from our server and only allow send to our Mail provider (Smart host in Exchange)
In the router / firewall / NAT we allowed dst-nat to server port 25.. So first we set this rule (In router / firewall / filters:
Action:drop Chain:Foward Src address:!192.168.1.1 Protocoll:TCP Destination port:25
This rule works like a charm, we test with telnet, and with this only works from our mail server.
So we extend we another rule, to work only to our ISP.
Action:drop Chain:Foward Dst address:!XX.XX.XX.XX Protocoll:TCP Destination port:25
This works well, we can only telnet from our mail server to this smart host (this is the IP of our Mail provider)
Unfortunatelly with this settings, e-mail cannot get. We can send, but no receive. If i try to telnet to our server, its not working.
Need to fix, modify the rules to work! Thank you very much. Any help apperitiated!
Thank you masters!