Trying to filter outgoing traffic to mail ports

Michail Pappas

353
+1/-0

Trying to filter outgoing traffic to mail ports

« on: September 04, 2025, 01:55:21 PM »

A friend on which I had installed SME years (10.2) ago suddenly got SME blackllisted in spamhaus. Might be a rogue LAN pc in his LAN, so I thought I'd follow instructions in https://wiki.koozali.org/Firewall#Block_outgoing_IPs_or_mac_addresses

(There was a hint to use the latest patches, not sure which they are though.)

However in messages I see the following:

Code: [Select]

 14:44:28 mail server masq: iptables v1.4.21:
Sep  4 14:44:28 mail server masq: The "nat" table is not intended for filtering, the use of DROP is therefore inhibited.
Sep  4 14:44:28 mail server masq: Try `iptables -h' or 'iptables --help' for more information.

Any idea on what has to be changed?

FYI:

Code: [Select]

masq=service
    DenylogTarget=drop
    Logging=most
    Stealth=no
    TCPBlocks=0.0.0.0/0:25,0.0.0.0/0:465,0.0.0.0/0:587
    Trace=disabled
    UDPBlocks=0.0.0.0/0:587
    pptp=yes
    status=enabled

Logged

bunkobugsy

310
+4/-0

Re: Trying to filter outgoing traffic to mail ports

« Reply #1 on: Yesterday at 11:33:11 AM »

https://forums.koozali.org/index.php/topic,55266.msg291704.html

Logged

Michail Pappas

353
+1/-0

Re: Trying to filter outgoing traffic to mail ports

« Reply #2 on: Yesterday at 01:06:50 PM »

Quote from: bunkobugsy on Yesterday at 11:33:11 AM

https://forums.koozali.org/index.php/topic,55266.msg291704.html

My apologies mate, I've referenced the wrong link. It's the next one that I've implemented (and get those error messages): https://wiki.koozali.org/Firewall#Block_outgoing_ports

Logged