SLUG Mailing List Archives
Re: [SLUG] smtp loops and dns spoofing
- To: "Stewart" <stewart@xxxxxxxxx>, <slug@xxxxxxxxxxx>
- Subject: Re: [SLUG] smtp loops and dns spoofing
- From: "David Kempe" <dave@xxxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 16 Oct 2003 20:41:46 +1000
----- Original Message -----
From: "Stewart" <stewart@xxxxxxxxx>
> any other ideas?
You might be better off not using a DNS solution, and instead just making an
iptables rule that intrecepts/redirects outbound smtp.
$SMTP = 192.168.1.3
iptables -t nat -A PREROUTING -i eth1 -tcp --dport 25 -j DNAT --to $SMTP
if you use shorewall you can do this in your rules file:
DNAT loc net:220.127.116.11:25 tcp 25 - all
that IP being mail.tpg.com.au.
seems to work fairly well for us in a few locations.