
Firewall custom rules

Discussion in 'Plesk for Linux - 8.x and Older' started by wgc0, Nov 8, 2007.

  1. wgc0

    wgc0 Guest

    I have created some custom rules in the firewall to block port 25 from certain IP blocks. Initially I did this as a deny incoming and all mail delivery to clients stopped. I then set it as a deny forward to any from the IP block but it does not seem to have any effect.
    Specifically, how does one indicate a network to the firewall rules? Does it take to mean the whole of the network? Current evidence shows it does not. If not, what convention am I supposed to use to indicate this network?

    Thanks for any assistance.
  2. Satoriya

    Satoriya Guest


    If you wish to prevent connection to port 25 from network, a firewall rule should be like that:

    # iptables -A INPUT -p tcp --dport 25 -s

    Can you please post here the rule you applied?
  3. wgc0

    wgc0 Guest

    I use the Plesk control panel via web and go to the add custom rule page.
    Headings and subheadings are as such:

    Match Direction


    Sources <- this is the entry spot for the network.

    This is an OS X installation btw. Doesn't mean much but some of the files are in different locations than that of Linux.
  4. wgc0

    wgc0 Guest

    Initially I used deny incoming to port 25 from
    I still get connections via SMTP from the network. is not accepted in the sources entry indicated with a pop-up error.

    With this entry mail was not delivered via POP to clients nor was it forwarded via forwarder addresses. When the rule was removed mail was delivered to clients immediately that had been on the server for 24 hours.

    I've also tried setting it as a forward rule from to any on port 25 as well. This seemed to have no effect at all on the mail system.

    Thank you for your attention on this.