From owner-freebsd-hackers@FreeBSD.ORG  Mon Mar  6 12:44:17 2006
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
X-Original-To: freebsd-hackers@freebsd.org
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 8737116A420
	for <freebsd-hackers@freebsd.org>; Mon,  6 Mar 2006 12:44:17 +0000 (GMT)
	(envelope-from listas@itm.net.br)
Received: from venom.itm.net.br (venom.itm.net.br [201.30.187.6])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 443E543D81
	for <freebsd-hackers@freebsd.org>; Mon,  6 Mar 2006 12:43:59 +0000 (GMT)
	(envelope-from listas@itm.net.br)
Received: (qmail 34358 invoked by uid 89); 6 Mar 2006 12:43:31 -0000
Received: by simscan 1.1.0 ppid: 34353, pid: 34354, t: 0.2558s
	scanners: attach: 1.1.0 clamav: 0.88/m:35/d:1281 spam: 3.1.0
X-Spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13) on venom.itm.net.br
X-Spam-Level: 
X-Spam-Status: No, score=-3.9 required=10.0 tests=ALL_TRUSTED,AWL,BAYES_00 
	autolearn=ham version=3.1.0
Received: from ironman.fsonline.com.br (HELO ironman) (201.30.187.70)
	by venom.itm.net.br with SMTP; 6 Mar 2006 12:43:30 -0000
Message-ID: <009601c6411b$0d455d90$0e4fdfc8@ironman>
From: "Cesar" <listas@itm.net.br>
To: <freebsd-hackers@freebsd.org>
Date: Mon, 6 Mar 2006 09:39:46 -0300
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="iso-8859-1";
	reply-type=original
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.2670
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670
X-Antivirus: avast! (VPS 0609-3, 03/03/2006), Outbound message
X-Antivirus-Status: Clean
Subject: Spam from NAT boxes
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Mar 2006 12:44:17 -0000

Hi,

   I have some NAT boxes running FreeBSD, each of these boxes do NAT for 
like 100+ people.
   Almost everyday my IPs got blacklisted because of spam. I cant block the 
smtp traffic going out became some people need it to send true e-mails.
   Are there any tool to detect/block those spams?

   I tought in a program that receive the connection diverted/forwarded by 
ipfw and then deliver it to SpamAssassin ...

   I also have an e-mail server fully configurated with anti-spam, 
anti-virus ... I tried forward to this e-mail server all my NAT box tcp 
connections to port 25.

   ipfw add fwd xx.xx.xx.xx,25 tcp from 192.168.0.0/24 to any 25

   I got some matches in this rule when I try to send an email, but I didnt 
get redirected to my email server.


   Any ideas and/or sugestions?


Thanks