DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

Firewall - filter rules etc. Spammers in the Tarpit

17 Jan 2010 08:14 #1 by dannyboy1121
Hi Folks,

I run a mail server. To deal with Spam .. I NAT traffic to a box on my network which then (using iptables) diverts known spammers off to a Tarpit .. anything else gets sent to my mail server.

What I'm wondering is whether I could put this kind of logic on to the Draytek itself. I'm not massively familiar with the firewalling setup on Drayteks and I'm wondering if, rather than having a general NAT rule for SMTP .. if I could use the filters for source based routing .. (i.e. - anything from spammer X destined for port 25 .. send to Tarpit X)

Any help appreciated.

Dan
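
Added example, not part of the original post and not dannyboy1121's own rules: a sketch of the source-based diversion described above, as it could be generated on the Linux box behind the router. The addresses 10.0.0.5 (tarpit) and 10.0.0.2 (mail server), the function names and the sample blocklist are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: prints an iptables-restore fragment; never touches the live firewall.
TARPIT="10.0.0.5:25"    # assumed tarpit address
MAILSRV="10.0.0.2:25"   # assumed mail server address

# Accept only dotted-quad IPv4 with an optional /0-32 prefix, so a malformed
# blocklist line can never end up as rule text.
valid_src() {
    printf '%s\n' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/([0-9]|[12][0-9]|3[0-2]))?$' || return 1
    addr=${1%%/*}
    old_ifs=$IFS; IFS=.
    set -- $addr            # split the address into its four octets
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# stdin: one source per line ('#' starts a comment). stdout: nat-table fragment.
# Order matters: listed sources hit the tarpit rule first, the rest fall through.
gen_smtp_nat() {
    echo '*nat'
    while IFS= read -r line || [ -n "$line" ]; do
        src=$(printf '%s' "${line%%#*}" | tr -d ' \t\r')
        [ -n "$src" ] || continue
        if valid_src "$src"; then
            echo "-A PREROUTING -s $src -p tcp --dport 25 -j DNAT --to-destination $TARPIT"
        else
            echo "skipped invalid entry: $line" >&2
        fi
    done
    echo "-A PREROUTING -p tcp --dport 25 -j DNAT --to-destination $MAILSRV"
    echo 'COMMIT'
}

# Constructed sample blocklist (RFC 5737 documentation addresses).
sample_blocklist() {
    cat <<'EOF'
# known spam sources
192.0.2.10
198.51.100.0/24   # whole range
203.0.113.999
203.0.113.7 -j ACCEPT
EOF
}

sample_blocklist | gen_smtp_nat
```

The output can be checked without applying it by piping it to `iptables-restore --noflush --test`.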

20 Jan 2010 21:45 #2 by lorian
Too much like hard work. Use an SMTP proxy to do your spam control like ASSP or cleanmail

24 Jan 2010 22:52 #3 by dannyboy1121
Replied by dannyboy1121 on topic Firewall - filter rules etc. Spammers in the Tarpit
Anyone able to help with the firewall rule question?

i.e. - Can I route traffic conditionally to different destinations based on source address ... using the firewall filters?

Dan

24 Jan 2010 23:34 #4 by voodle
I'm pretty sure you can't, it's just a conditional filter to pass or block traffic, there's no way to set up routing for it.

25 Jan 2010 08:56 #5 by paulj48

Voodle wrote: I'm pretty sure you can't, it's just a conditional filter to pass or block traffic, there's no way to set up routing for it.



What if you did a bit of 'port mapping', i.e. change the public port number to a private one dependent on the source IP and forward the private port number to a specific server. You'd have to change the port number your mail server worked on though, but as you'd just be directing spam this shouldn't be a problem.

25 Jan 2010 20:35 #6 by dannyboy1121
Replied by dannyboy1121 on topic Firewall - filter rules etc. Spammers in the Tarpit

paulj48 wrote:

Voodle wrote: I'm pretty sure you can't, it's just a conditional filter to pass or block traffic, there's no way to set up routing for it.



What if you did a bit of 'port mapping', i.e. change the public port number to a private one dependent on the source IP and forward the private port number to a specific server. You'd have to change the port number your mail server worked on though, but as you'd just be directing spam this shouldn't be a problem.



Actually ... that's a bloody good idea! I may well have a look at this. If it works, I owe you a beer.


*EDIT* ... No .. still can't see how I can do this. Darn it.

Dan


Moderators: Sami