
How to Block Port 25 Spam in FreeBSD IPFW

Discussion in 'Security' started by hicom, Mar 5, 2010.

    This tip will provide you with information on how to block port 25 for anything but the Exim mail server.

    By default, FreeBSD uses ipfw as a firewall rule (compared to Linux iptables). You simply need to add the following rules through the shell command line as the root user:

    prompt# ipfw add 100 allow tcp from any to any dst-port 25 uid root
    prompt# ipfw add 100 allow tcp from any to any dst-port 25 uid mailnull
    prompt# ipfw add 100 allow tcp from any to any dst-port 25 uid mailman
    prompt# ipfw add 100 allow tcp from me to me dst-port 25
    prompt# ipfw add 101 deny log tcp from any to any dst-port 25 out

    ** Updated by removing the allow from uid nobody and replacing it with an allow from me to me, which enables sendmail to communicate with Exim without needing to exit. However, if you are not running suPHP and require your PHP application to connect to an external mail server, you'll need to add:
    prompt# ipfw add 100 allow tcp from any to any dst-port 25 uid nobody

    Hope this helps people who are looking to implement the SMTP Tweak but are running on FreeBSD.

    Tamouh
     
    #1 hicom, Mar 5, 2010
    Last edited: Mar 7, 2010
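
An added example, not part of the original post: a small audit that reads `ipfw list` output and confirms the port 25 policy above is still intact (only approved uids allowed, a deny rule closing the set). It assumes `ipfw list` prints each rule as it was entered with the rule number first; `audit_port25`, `ALLOWED_UIDS` and the sample rulesets are names and data constructed for this illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit `ipfw list` output against
# the port-25 policy above. ALLOWED_UIDS is an assumption taken from the post.
ALLOWED_UIDS="root mailnull mailman"

# Reads rules on stdin in evaluation order, prints one finding per line.
# Returns 0 when the policy is intact, 1 when anything is off.
audit_port25() {
    awk -v allowed="$ALLOWED_UIDS" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    # Skip rules that are not TCP to destination port 25.
    !/ tcp / || !/dst-port 25( |$)/ { next }
    # ipfw is first-match: nothing after the catch-all deny can open port 25.
    denied { next }
    {
        uid = ""
        for (i = 3; i < NF; i++) if ($i == "uid") uid = $(i + 1)
        if ($2 == "deny" && index($0, "from any to any")) { denied = 1; next }
        if ($2 != "allow") next
        if (uid != "") {
            if (!(uid in ok)) { print "rule " $1 ": unexpected uid " uid; bad = 1 }
        } else if (!index($0, "from me to me")) {
            print "rule " $1 ": allow without a uid restriction"; bad = 1
        }
    }
    END {
        if (!denied) { print "no deny rule for outbound tcp port 25"; bad = 1 }
        exit bad + 0
    }'
}

# Constructed samples in the shape of `ipfw list` output.
GOOD_RULES='00100 allow tcp from any to any dst-port 25 uid root
00100 allow tcp from any to any dst-port 25 uid mailnull
00100 allow tcp from any to any dst-port 25 uid mailman
00100 allow tcp from me to me dst-port 25
00101 deny log tcp from any to any dst-port 25 out'
BAD_RULES='00100 allow tcp from any to any dst-port 25 uid root
00100 allow tcp from any to any dst-port 25 uid nobody
00100 allow tcp from any to any dst-port 25'

# On a live host: ipfw list | audit_port25
printf '%s\n' "$BAD_RULES" | audit_port25 || echo "port 25 policy drift detected"
```

On a host that deliberately allows `uid nobody` (the non-suPHP case mentioned in the post), add `nobody` to `ALLOWED_UIDS` so the audit reflects the intended policy.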