Ladies and Gentlemen,
I think I am missing something. I am running a FreeBSD 6. server with
ipf compiled into the kernel.
Following are the headers from an email.
From: [email protected]
Subject: ****SUSPECTED SPAM**** REAL Doctors, REAL Science, REAL
Results!
Date: July 27, 2009 2:33:25 PM CDT
To: [email protected]
Reply-To: [email protected]
Received: from mail.mnea.org ([10.129.10.45]) by mo-hq-s1.mo.loc
with Microsoft SMTPSVC(6.0.3790.1830); Mon, 27 Jul 2009 14:33:29 -0500
Received: by mail.mnea.org (Postfix, from userid 10071) id
572563F661; Mon, 27 Jul 2009 14:33:29 -0500 (CDT)
Received: from speedtouch.lan (213-84-78-162.adsl.xs4all.nl
[82.95.130.154]) by mail.mnea.org (Postfix) with ESMTP id DD9233F659
for <[email protected]>; Mon, 27 Jul 2009 14:33:24 -0500 (CDT)
Received: from 82.95.130.154 by smtp.secureserver.net; Mon, 27 Jul
2009 20:33:25 +0100
Following are the relevant entries from /var/log/maillog
Jul 27 14:33:22 mail postfix/smtpd[8557]: connect from
213-84-78-162.adsl.xs4all.nl[82.95.130.154]
Jul 27 14:33:24 mail postfix/smtpd[8557]: DD9233F659:
client=213-84-78-162.adsl.xs4all.nl[82.95.130.154]
Jul 27 14:33:26 mail postfix/cleanup[7974]: DD9233F659: message-id=<[email protected]
>
Jul 27 14:33:26 mail postfix/qmgr[52904]: DD9233F659: from=<[email protected]
>, size=1245, nrcpt=1 (queue active)
And, following is the output from ipfstat showing the relevant rule(s).
@140 block in quick proto tcp from 82.0.0.0/8 to any port = smtp
If I am looking at everything correctly all traffic coming into the
system from the 82.0.0.0/8 network to port 25 on the mail server
should be blocked.
What am I missing?
Thanks for your help.
Jay
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[email protected]"
