I'd like to disallow external access to port 25 from all hosts except those in a specific range. Because we use a batched SMTP service from our provider, all incoming email is sent through the provider's mail servers. I've recently noticed a lot of probing on our port 25 (which seems to be originating from botnets or hacked machines), so I only want to allow the provider's servers and drop all traffic to port 25 from other IPs.
What would be the easiest way to do this on SME 7.4?
I considered trying something like:
db configuration setprop smtpd AllowHosts 194.109.127.0/24,194.109.24.0/24
signal-event remoteaccess-update
But I suspect this wouldn't work as SMTP access is allowed by default anyway?
So is there a configuration setting for qpsmtpd that will do this, or should I try constructing a custom template fragment for the firewall (/etc/e-smith/templates-custom/etc/rc.d/init.d/masq) instead? And if so, for which table?
Thanks!
Levien