pfSense: blocking email (spam) traffic from the internal network

Posts in the series "pfSense: email traffic from the internal network"

  1. pfSense: blocking email (spam) traffic from the internal network
  2. pfSense: allowing outbound email to external providers

Today I want to comment on the use of pfSense [1] as a firewall or Internet-sharing gateway; it is a real find for any network administrator. In a previous post [2] I made a brief presentation of this powerful FreeBSD-based distribution.

I believe that email, as a particular type of web service, has failed, though I still use it. The traffic generated by illegitimate messages already occupies more than 50% of most servers. The problem is so serious that many administrators must block all outbound traffic on port 25, among others, to keep their network's address range from being included in lists of spammers. This block is necessary because, despite all the filters on the mail server, the various virtual pests that infect client machines sneakily take advantage of the internal network's NAT (Network Address Translation) and send spam directly, acting as SMTP servers themselves.

With pfSense, blocking this traffic is simple. Access the administrative web interface (Figure 1), click "Firewall" -> "Rules", and then click the LAN tab, because we want to add a rule that blocks this traffic from our internal network to the outside. On the LAN rules screen, click the icon with the plus (+) symbol in the upper right corner (add new rule). On the rule editing screen (Figure 2), fill in the following fields: Action = Block, Destination port range (from: SMTP, to: SMTP), and Description = "Any | SMTP". This last field is only a description and can be any descriptive text. The other fields keep their default values; it is not necessary to change them.

When ready, click "Save" to store the rule. Once the rule is stored, the changes must be applied for it to take effect. To apply the changes (reload the rules), click "Apply changes", which appears automatically in a box at the top of the list of rules. Just as we blocked standard SMTP, we can block or allow other protocols and ports using the same steps explained here, with the necessary adjustments.


Figure 1: Main screen of the web interface, already in the style of the future version 1.3


Figure 2: pfSense firewall rule editing screen
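
A way to confirm from a LAN client that the new rule is in effect, as an added example that is not part of the original post: the script attempts outbound TCP connections to the mail ports and reports how each attempt ended. `TEST_HOST` is a placeholder for an external mail host you are allowed to test against, and ports 465 and 587 are included only as assumed examples of the "other" ports an administrator might also want to review.

```python
import socket

# Assumption: placeholder name, replace with an external mail host you
# are allowed to test against. Not taken from the original post.
TEST_HOST = "mail.example.org"
MAIL_PORTS = {25: "SMTP", 465: "SMTPS", 587: "submission"}


def probe(host, port, timeout=5.0):
    """Classify one outbound TCP attempt as seen from a LAN client.

    "open"     - handshake completed, so the firewall let the traffic out
    "refused"  - a reset came back (closed port, or a reject-style rule)
    "filtered" - no answer before the timeout, which is what a rule that
                 silently drops packets (Action = Block) looks like
    "error"    - name resolution or routing failed; nothing was tested
    """
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"
    except socket.timeout:
        return "filtered"
    except OSError:
        return "error"


def check_egress(host, ports=MAIL_PORTS, timeout=5.0):
    """Return {port: state} for every port in `ports`."""
    return {port: probe(host, port, timeout) for port in ports}


def leaks(results, blocked_ports=(25,)):
    """Ports that should be blocked but still completed a connection."""
    return sorted(p for p in blocked_ports if results.get(p) == "open")


if __name__ == "__main__":
    results = check_egress(TEST_HOST)
    for port, state in sorted(results.items()):
        print(f"{port:>4} ({MAIL_PORTS[port]}): {state}")
    bad = leaks(results)
    print("SMTP egress still open on:", bad if bad else "none")
```

Run it once before and once after clicking "Apply changes": port 25 should move from "open" to "filtered", while ports you have not blocked keep their previous state.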

[1] - http://pfsense.org/

[2] - http://www.tutolivre.net/pfsense-firewall-enterprise-baseado-no-freebsd/
