Community discussions

 
sri
newbie
Topic Author
Posts: 42
Joined: Tue Mar 23, 2010 10:48 am
Reputation: 0

spam cotrol

Tue Dec 07, 2010 11:57 am

Hi,

How can i control spamming on 450g router board.

Thanks
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 4903
Joined: Wed Feb 07, 2007 1:45 pm
Reputation: 44
Location: Latvia
Contact:

Re: spam cotrol

Tue Dec 07, 2010 11:59 am

In firewall allow only your SMTP server, drop the rest. And setup spamfilters on your server.
 
sri
newbie
Topic Author
Posts: 42
Joined: Tue Mar 23, 2010 10:48 am
Reputation: 0

Re: spam cotrol

Tue Dec 07, 2010 3:33 pm

Thanks,

Can you give me any example.
 
User avatar
Question42
just joined
Posts: 15
Joined: Sat Nov 13, 2010 12:05 am
Reputation: 0

Re: spam cotrol

Tue Dec 07, 2010 3:33 pm

mrz, I assume you meant SMTP server?

sir, what are you trying to achieve? Controlling inbound spam to your mail server, outbound spam from your network or outbound spam from your mailserver?
 
sri
newbie
Topic Author
Posts: 42
Joined: Tue Mar 23, 2010 10:48 am
Reputation: 0

Re: spam cotrol

Wed Dec 08, 2010 10:05 am

We are running a small ISP i want to block spamming from my customers due to virus or any other issue to hit my upstream provider. I want to drop all the spam at my router itself without reaching my upstream provider router.

Thanks.
 
User avatar
Question42
just joined
Posts: 15
Joined: Sat Nov 13, 2010 12:05 am
Reputation: 0

Re: spam cotrol

Wed Dec 08, 2010 10:12 am

Other than blocking port 25/TCP for anything other than your SMTP server (if you run one) there isn't anything you can do on the RouterOS box itself. If you have your own mail server then you can use one of the many anti-spam engines (commercial or free) to filter out spam and other malicious emails.
 
sri
newbie
Topic Author
Posts: 42
Joined: Tue Mar 23, 2010 10:48 am
Reputation: 0

Re: spam cotrol

Wed Dec 08, 2010 10:35 am

Here problem is it is not affecting my mail server, due to this spamming my upstream provider ip-pool is getting blacklisted. Is there any way i can stop spamming to drop at my router.

Thanks
 
User avatar
Question42
just joined
Posts: 15
Joined: Sat Nov 13, 2010 12:05 am
Reputation: 0

Re: spam cotrol

Wed Dec 08, 2010 12:17 pm

Yes - as has been said by myself and mrz - block 25/TCP (SMTP) for all except your mail server. Your clients will then have to relay their email through your mail server, where you can apply filtering.
 
Feklar
Forum Guru
Forum Guru
Posts: 1681
Joined: Wed Dec 02, 2009 12:46 am
Reputation: 36

Re: spam cotrol

Wed Dec 08, 2010 8:41 pm

The other option is to have a set of filter rules that will drop "suspicious" amounts of e-mail coming from a single host for a while. What amount is suspicious is up to you to determine.

/ip firewall filter
add action=add-src-to-address-list address-list="Block Spam" \
    address-list-timeout=1h chain=forward comment="Detect Possible Spamer" \
    connection-limit=10,32 disabled=no dst-port=25 limit=30,5 protocol=tcp
add action=drop chain=forward comment="" disabled=no dst-port=25 protocol=tcp \
    src-address-list="Block Spam"


With this set of rules, a /32 (single client) is allowed to have up to 10 connections to port 25 at a time, and can send up to 35 packets a second over port 25. Once these limits are violated, they are blocked from sending more mail for 1 hour. Adjust to your needs.

Who is online

Users browsing this forum: Murmaider and 19 guests