Hi
I try to find answer to my question, read many threads, but nothing.
I have one WAN port in my router and my internet provider forvard 24 public IP to it... I use one like Main publik IP for my internet connection, others is for servers. Problem is that many time i have problem while im backlisted. i think i have spammers on my network. Simple skript i use for autodetect and block spammers is not working after i get more public IP and i must use nat for set one of them for MAIN ADDRESS.
After i set this:
/ip firewall/nat
chain=srcnat action=src-nat to-addresses=185.188.239.206 out-interface=ether1 log=no log-prefix=""
This script not work, always added only my ip 185.188.239.206 to spammer list
/ip firewall/filter
1 ;;; Detect and add-list SMTP virus or spammers
chain=forward action=add-src-to-address-list connection-limit=30,32 protocol=tcp
address-list=spammer address-list-timeout=1d dst-port=25 limit=30/1m,5:packet log=no
log-prefix=""
2 ;;; BLOCK SPAMMERS OR INFECTED USERS
chain=forward action=drop protocol=tcp src-address-list=spammer dst-port=25 log=no
log-prefix=""
My question is, is it possible mark all connection on port 25 and send it on other public IP i have? Thisway my MAIN IP ADDRESS will be clear from spammers and will be not blacklisted. Or exist any other symple methode for block Spammers?
THX
B.R.
PS: first i cant send this post, while - Your IP 185.188.239.206 has been blocked because it is blacklisted. For details please see http://www.spamhaus.org/query/bl?ip=185.188.239.206.