From: Baldur Gislason
To: Cesar
Cc: freebsd-hackers@freebsd.org
Date: Mon, 6 Mar 2006 15:32:05 +0000
Subject: Re: Spam from NAT boxes

With the fwd rule, you can only redirect to 127.0.0.1 when you want your machine
to intercept the connection. I'd suggest putting a tcp proxy or smtp proxy
listening on 127.0.0.1 port 25 that just forwards to the mailserver box.

Baldur

On Mon, Mar 06, 2006 at 09:39:46AM -0300, Cesar wrote:
> Hi,
>
> I have some NAT boxes running FreeBSD; each of these boxes does NAT for
> like 100+ people.
> Almost every day my IPs get blacklisted because of spam. I can't block the
> smtp traffic going out because some people need it to send true e-mails.
> Is there any tool to detect/block this spam?
>
> I thought of a program that receives the connection diverted/forwarded by
> ipfw and then delivers it to SpamAssassin ...
>
> I also have an e-mail server fully configured with anti-spam,
> anti-virus ... I tried forwarding to this e-mail server all my NAT box tcp
> connections to port 25.
>
>   ipfw add fwd xx.xx.xx.xx,25 tcp from 192.168.0.0/24 to any 25
>
> I got some matches in this rule when I try to send an email, but I didn't
> get redirected to my email server.
>
>
> Any ideas and/or suggestions?
>
>
> Thanks
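
Added example, not part of the thread and not the posters' code: a small TCP relay of the kind the reply suggests, listening on 127.0.0.1 port 25 and handing each intercepted connection to the mail server. The upstream address 192.0.2.25 is a placeholder, and the function names, the logging and the 421 fallback are assumptions of this example.

```python
# Added example, not code from the thread. It assumes the poster's rule is
# changed to forward to loopback, as the reply describes:
#   ipfw add fwd 127.0.0.1,25 tcp from 192.168.0.0/24 to any 25
import asyncio
import logging

LISTEN = ("127.0.0.1", 25)     # where the fwd rule delivers intercepted SMTP
UPSTREAM = ("192.0.2.25", 25)  # placeholder for the filtering mail server

async def pump(reader, writer):
    """Copy one direction until EOF, then pass the half-close along."""
    try:
        while data := await reader.read(65536):
            writer.write(data)
            await writer.drain()
        if writer.can_write_eof():
            writer.write_eof()
    except OSError:            # reset or broken pipe: drop this side
        writer.close()

async def handle(client_r, client_w, upstream):
    # The mail server only sees the relay's address, so the NAT client's
    # address must be logged here to trace a spam run back to one customer.
    logging.info("smtp from %s", client_w.get_extra_info("peername"))
    try:
        up_r, up_w = await asyncio.wait_for(asyncio.open_connection(*upstream), 10)
    except (OSError, asyncio.TimeoutError):
        # Temporary SMTP failure, so legitimate clients queue and retry.
        client_w.write(b"421 4.3.0 mail relay unavailable, try again later\r\n")
        await client_w.drain()
        client_w.close()
        return
    await asyncio.gather(pump(client_r, up_w), pump(up_r, client_w))
    up_w.close()
    client_w.close()

async def start_relay(listen, upstream):
    return await asyncio.start_server(lambda r, w: handle(r, w, upstream), *listen)

async def main():
    logging.basicConfig(level=logging.INFO)
    server = await start_relay(LISTEN, UPSTREAM)
    async with server:
        await server.serve_forever()

if __name__ == "__main__":
    asyncio.run(main())
```

Because the relay is a plain byte pipe, all filtering decisions stay on the mail server; the relay's log is the only place where the original 192.168.0.0/24 source address is recorded.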