Hello,
I want outgoing e-mails to be sent only by my mail server (local server, IP: 192.168.0.200) and to deny use of port 25 from other IP’s in my LAN. To avoid spam being sent from compromised PC’s.
What is best way to accomplish this ?
If someone could help me with the firewall rules I would really appreciate.
Thank you.
in firewall just set up rule that will check TCP protocol chain forward src-address=!192.168.0.200 action=drop
Not so easy.
If I add the rule below I can’t telnet mail.domain.com 25 from outside, the port is closed.
/ip firewall filter add action=drop chain=forward disabled=no dst-port=25 protocol=tcp src-address=!192.168.0.233
Add out-interface=ether1-gateway.