Block Outgoing SMTP Except for Mail Server

Masters,

Our ISP asked us to solve a problem. They said we send a lot of SPAM from our server. (They only gave us our router's IP address, so we don't know if we have SMTP flooders from infected clients, or whether we send it from our Exchange server.)

So we decided we need to configure our MikroTik router to only allow sending from our server and only allow sending to our mail provider (smart host in Exchange).

So first we set this rule:

Action: drop
Chain: Forward
Src address: !192.168.1.1
Protocol: TCP
Destination port: 25

This rule works like a charm; we tested with telnet, and with this it only works from our mail server.

So we extended it with another rule, to work only to our ISP.

Action: drop
Chain: Forward
Dst address: !XX.XX.XX.XX
Protocol: TCP
Destination port: 25

This works well; we can only telnet from our mail server to this smart host (this is the IP of our mail provider).

Unfortunately, with these settings e-mail cannot get in. We can send, but not receive. If I try to telnet to our server, it's not working.

Could you help us fix or modify the rules?

Thank you masters!

I suspect your rules are dropping all incoming activity on port 25. You need to permit the internet to communicate with your box via 25 (DNAT port 25 to the Exchange server).

If the RouterOS device is meant to be working as a firewall then you would expect to have a default drop rule in the forward chain and then above that you would explicitly permit the traffic which should be allowed.

Dear CelticComms,

Sorry for my poor English, but I'm not sure what you said. May I ask you to write the code I need?

Thanks

NAT to the server's port 25 is set, of course.

Try adding the in-interface statement to your rules, matching your LAN port/bridge.
-Chris

"Try adding the in-interface statement to your rules, matching your LAN port/bridge."
It solved my problem. Thank you.
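To show why the original two forward-chain rules also dropped inbound mail, and why the in-interface match fixes it, here is a small model of the rule evaluation. This is an added example, not anything posted in the thread or MikroTik's own code; the smart host address (203.0.113.25), the external client addresses, the interface names `bridge-lan` / `ether1-wan` and the absence of a final default-drop rule are assumptions, and the forward chain is modelled as seeing the destination after dst-nat has already rewritten it.

```python
# Model of the MikroTik forward-chain SMTP rules from the thread (added example).
# Assumed values: smart host 203.0.113.25 (stands in for XX.XX.XX.XX), LAN bridge
# "bridge-lan", WAN port "ether1-wan"; 192.168.1.1 is the mail server from the post.
from dataclasses import dataclass
from typing import Optional

@dataclass
class Packet:
    src: str
    dst: str          # destination as seen in forward, i.e. after dst-nat
    dport: int
    in_iface: str
    proto: str = "tcp"

@dataclass
class Rule:
    action: str
    dport: int
    src_not: Optional[str] = None    # src-address=!X
    dst_not: Optional[str] = None    # dst-address=!X
    in_iface: Optional[str] = None   # in-interface=X

    def matches(self, p: Packet) -> bool:
        if p.proto != "tcp" or p.dport != self.dport:
            return False
        if self.src_not is not None and p.src == self.src_not:
            return False
        if self.dst_not is not None and p.dst == self.dst_not:
            return False
        if self.in_iface is not None and p.in_iface != self.in_iface:
            return False
        return True

def forward_chain(rules, p: Packet) -> str:
    """First matching rule decides; assumed default accept (no final drop rule)."""
    for r in rules:
        if r.matches(p):
            return r.action
    return "accept"

MAIL_SERVER, SMART_HOST = "192.168.1.1", "203.0.113.25"
LAN_IF, WAN_IF = "bridge-lan", "ether1-wan"

# The two rules exactly as the original poster set them (no in-interface).
ORIGINAL = [Rule("drop", 25, src_not=MAIL_SERVER), Rule("drop", 25, dst_not=SMART_HOST)]
# Same rules with Chris's fix: only match SMTP entering from the LAN side, e.g.
# /ip firewall filter add chain=forward action=drop protocol=tcp dst-port=25 \
#     src-address=!192.168.1.1 in-interface=bridge-lan
FIXED = [Rule("drop", 25, src_not=MAIL_SERVER, in_iface=LAN_IF),
         Rule("drop", 25, dst_not=SMART_HOST, in_iface=LAN_IF)]

# Constructed sample traffic (198.51.100.0/24 is a documentation range).
inbound_mail = Packet("198.51.100.7", MAIL_SERVER, 25, WAN_IF)      # internet -> Exchange
infected_client = Packet("192.168.1.50", "198.51.100.9", 25, LAN_IF)  # LAN spam bot
server_to_smarthost = Packet(MAIL_SERVER, SMART_HOST, 25, LAN_IF)
server_elsewhere = Packet(MAIL_SERVER, "198.51.100.9", 25, LAN_IF)
```

With the original rules the inbound packet is dropped by the first rule (its source is not the mail server); with the in-interface match it passes, while LAN clients and the server's non-smart-host SMTP are still blocked.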