Find the answer to your Linux question:
Results 1 to 2 of 2
Let's face it. Spam is getting worse by the day. Since my web server (Linux/Apache at Serverbeach) serves only domestic clients and visitors, I want to stop all incoming contact ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Dec 2006
    Location
    Westlake, OH
    Posts
    1

    Question Blocking email using iptables


    Let's face it. Spam is getting worse by the day. Since my web server (Linux/Apache at Serverbeach) serves only domestic clients and visitors, I want to stop all incoming contact from China & Korea. For example, I want to block all email coming from any IP address from 83.0.0.0 to 83.255.255.255

    (I know this is a HUGE block of IP addresses but that's what I want to try for now.)

    My current iptable's INPUT chain (policy ACCEPT) is...
    1 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 5/sec burst 5
    2 DROP icmp -- 0.0.0.0/0 0.0.0.0/0
    3 DROP tcp -- 83.0.0.0/8 0.0.0.0/0 tcp dpt:25

    Rules 1 & 2 came with my default setup. Rule 3 was added using...

    iptables -A INPUT -p tcp -s 83.0.0.0/8 --dport 25 -j DROP
    Is the 83.0.0.0/8 the correct syntax for the entire range of IP addresses?

    Does this block everything? Or would I be better off using...

    iptables -A INPUT -p all -s 83.0.0.0/8 -j DROP

    I want to completely eliminate any contact (including access to the web site and all email originating) from Asia. The IP address ranges are easy to find on Google but I want to be sure to use the exact (aka BEST) syntax to add the new rules.

    Lastly, BIG QUESTION... After adding the new rules using the iptables -A command, is it necessary to stop and restart iptables?

    Many, many thanks for your help.

  2. #2
    Linux Newbie framp's Avatar
    Join Date
    Jul 2006
    Location
    Stuttgart, Germany
    Posts
    240
    This will work to block 83.0.0.0/8 port 25 BUT this is a huge IP range.
    Are you shure this IP range only holds chinese and korean IP adresses? I wouldn't block all thes IPs. I would install spamassisin and let your customers decide which mail to discard.
    Lastly, BIG QUESTION... After adding the new rules using the iptables -A command, is it necessary to stop and restart iptables?
    I'm not shure I get what you mean with 'restart iptables'. Whenever you execute iptables these rules will become active immediately.
    "Really, I'm not out to destroy Microsoft. That will just be a completely unintentional side effect." Linus Benedict Torvalds

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •