Results 1 to 2 of 2
Thread: Blocking email using iptables
Enjoy an ad free experience by logging in. Not a member yet? Register.
- Join Date
- Dec 2006
- Westlake, OH
Blocking email using iptables
(I know this is a HUGE block of IP addresses but that's what I want to try for now.)
My current iptable's INPUT chain (policy ACCEPT) is...
1 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 5/sec burst 5
2 DROP icmp -- 0.0.0.0/0 0.0.0.0/0
3 DROP tcp -- 22.214.171.124/8 0.0.0.0/0 tcp dpt:25
Rules 1 & 2 came with my default setup. Rule 3 was added using...
iptables -A INPUT -p tcp -s 126.96.36.199/8 --dport 25 -j DROP
Is the 188.8.131.52/8 the correct syntax for the entire range of IP addresses?
Does this block everything? Or would I be better off using...
iptables -A INPUT -p all -s 184.108.40.206/8 -j DROP
I want to completely eliminate any contact (including access to the web site and all email originating) from Asia. The IP address ranges are easy to find on Google but I want to be sure to use the exact (aka BEST) syntax to add the new rules.
Lastly, BIG QUESTION... After adding the new rules using the iptables -A command, is it necessary to stop and restart iptables?
Many, many thanks for your help.
This will work to block 220.127.116.11/8 port 25 BUT this is a huge IP range.
Are you shure this IP range only holds chinese and korean IP adresses? I wouldn't block all thes IPs. I would install spamassisin and let your customers decide which mail to discard.
Lastly, BIG QUESTION... After adding the new rules using the iptables -A command, is it necessary to stop and restart iptables?"Really, I'm not out to destroy Microsoft. That will just be a completely unintentional side effect." Linus Benedict Torvalds