spam cotrol
RouterOS general discussion

9 posts   •   Page 1 of 1
sri
newbie
 
Posts: 42
Joined: Tue Mar 23, 2010 10:48 am

spam cotrol

by sri » Tue Dec 07, 2010 11:57 am

Hi,

How can i control spamming on 450g router board.

Thanks

User avatar
mrz
MikroTik Support
MikroTik Support
 
Posts: 4080
Joined: Wed Feb 07, 2007 1:45 pm
Location: Latvia

Re: spam cotrol

by mrz » Tue Dec 07, 2010 11:59 am

In firewall allow only your SMTP server, drop the rest. And setup spamfilters on your server.

sri
newbie
 
Posts: 42
Joined: Tue Mar 23, 2010 10:48 am

Re: spam cotrol

by sri » Tue Dec 07, 2010 3:33 pm

Thanks,

Can you give me any example.

User avatar
Question42
just joined
 
Posts: 15
Joined: Sat Nov 13, 2010 12:05 am

Re: spam cotrol

by Question42 » Tue Dec 07, 2010 3:33 pm

mrz, I assume you meant SMTP server?

sir, what are you trying to achieve? Controlling inbound spam to your mail server, outbound spam from your network or outbound spam from your mailserver?

sri
newbie
 
Posts: 42
Joined: Tue Mar 23, 2010 10:48 am

Re: spam cotrol

by sri » Wed Dec 08, 2010 10:05 am

We are running a small ISP i want to block spamming from my customers due to virus or any other issue to hit my upstream provider. I want to drop all the spam at my router itself without reaching my upstream provider router.

Thanks.

User avatar
Question42
just joined
 
Posts: 15
Joined: Sat Nov 13, 2010 12:05 am

Re: spam cotrol

by Question42 » Wed Dec 08, 2010 10:12 am

Other than blocking port 25/TCP for anything other than your SMTP server (if you run one) there isn't anything you can do on the RouterOS box itself. If you have your own mail server then you can use one of the many anti-spam engines (commercial or free) to filter out spam and other malicious emails.

sri
newbie
 
Posts: 42
Joined: Tue Mar 23, 2010 10:48 am

Re: spam cotrol

by sri » Wed Dec 08, 2010 10:35 am

Here problem is it is not affecting my mail server, due to this spamming my upstream provider ip-pool is getting blacklisted. Is there any way i can stop spamming to drop at my router.

Thanks

User avatar
Question42
just joined
 
Posts: 15
Joined: Sat Nov 13, 2010 12:05 am

Re: spam cotrol

by Question42 » Wed Dec 08, 2010 12:17 pm

Yes - as has been said by myself and mrz - block 25/TCP (SMTP) for all except your mail server. Your clients will then have to relay their email through your mail server, where you can apply filtering.

Feklar
Forum Guru
Forum Guru
 
Posts: 1421
Joined: Wed Dec 02, 2009 12:46 am

Re: spam cotrol

by Feklar » Wed Dec 08, 2010 8:41 pm

The other option is to have a set of filter rules that will drop "suspicious" amounts of e-mail coming from a single host for a while. What amount is suspicious is up to you to determine.

Code: Select all
/ip firewall filter
add action=add-src-to-address-list address-list="Block Spam" \
    address-list-timeout=1h chain=forward comment="Detect Possible Spamer" \
    connection-limit=10,32 disabled=no dst-port=25 limit=30,5 protocol=tcp
add action=drop chain=forward comment="" disabled=no dst-port=25 protocol=tcp \
    src-address-list="Block Spam"


With this set of rules, a /32 (single client) is allowed to have up to 10 connections to port 25 at a time, and can send up to 35 packets a second over port 25. Once these limits are violated, they are blocked from sending more mail for 1 hour. Adjust to your needs.

9 posts   •   Page 1 of 1

Who is online

Users browsing this forum: Bing [Bot], Exabot [Bot], Google [Bot], iqt, ztardik and 58 guests

It is currently Wed Nov 26, 2014 11:42 am