Date: Thu, 22 Jun 2006 09:08:01 -0400 From: Chuck Swiger <cswiger@mac.com> To: kieran@slinq.com Cc: freebsd-questions@freebsd.org Subject: Re: Using IPFW to redirect all outgoing SMTP traffic to localhost Message-ID: <449A9631.6080705@mac.com> In-Reply-To: <1332.80.42.67.159.1150977159.squirrel@mail.digital-crocus.com> References: <1332.80.42.67.159.1150977159.squirrel@mail.digital-crocus.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Kieran Simkin wrote: > I have an IPFW question that I'm a bit stuck on and > could do with some help. Basically what I'm trying to do is count and > limit the number of e-mails each user on the system is allowed to send. > I've got this working fine within the e-mail server and everything's > dandy, except for the fact that it's easy to bypass the mail server by > making direct SMTP connections to the target hosts. Yes. Use the firewall to do something like: ipfw add pass tcp from any to MAILSERVER 25 keep-state ipfw add pass tcp from MAILSERVER to any 25 keep-state ipfw add unreach filter-prohib log tcp from any to any 25 (I suppose you could use a deny instead, but getting an actual ICMP error is probably more useful in this situation....) -- -Chuck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?449A9631.6080705>