Ubuntu Security :: Iptables How To Filter SMTP W/o S/MIME
Jul 10, 2011Does anyone know the iptables statement that will block inbound SMTP messages that are NOT S/MIME encrypted?
View 1 Replies
ADVERTISEMENT
Ubuntu Security :: Add Smtp Authentication To Postfix Installation Used As Spam Filter For Exhange Server
Feb 26, 2010I followed this How To (https://help.ubuntu.com/community/Postfix) in order to add smtp authentication to my Postfix installation used as spam filter for my exhange server, and it'seem all ok; the only thing that I don't understand is where I list all the users (with passwords) that I authorize to send mail through my server...
View 3 Replies View RelatedUbuntu Security :: Block All Ports Except Pop And Smtp In NAT Through Iptables?
Jan 20, 2010how to block all ports except pop,pop3,smtp in nat using iptables in squid on redhat A3
View 2 Replies View RelatedServer :: Smtp Proxy Filter To External Isp Smtp?
Jan 31, 2010In order to have greater control over the emails sent out the company I imagined the following scenario.ScenarioDescribing in words what I need.ser sends an email to user@hotmail.com for example, using the smtp of my isp (is the internet).Before the email is sent, the firewall checks if the recipient is blocked transparent, if you are locked out rejects the email.I searched several forums and mailing lists, but did not find scenarios similar to mine.Where found situations in which the mail servers were internally in the company, which is not my case.
View 2 Replies View RelatedServer :: 8-bit-mime Apparently Not Being Advertised By SMTP?
Jan 5, 2010I have a user that is reporting the following error on a bounced message:
Quote:
smtp;554 5.6.1 Body type not supported by Remote Host
He is forwarding emails from his exchange server to a recipient in Germany relaying through our smtp server using Surgemail as the MTA.
He called a senior tech specialist at Microsoft to get help thinking the problem was on his end (exchange server). According to this "specialist", he said the problem was that our smtp server was not advertising 8BitMIME in its 250 statement. I tested this myself by log in on to the smtp server and doing typing the following:
Code:
EHLO localhost
250-smtp.<mycompanyname>.com. Hello localhost (127.0.0.1)
250-AUTH PLAIN LOGIN
250-DSN
[Code]....
As you can see, 250-8BITMIME is not listed here. From the bit of research I made, I found that most MTAs send this by default. Is it possible that the characters from the German language are causing this problem?
NOTE: This problem did not exist or was never reported until now. No one has made any changes on any settings on the server.
Networking :: Iptables Redirect Before Filter?
Apr 9, 2010I'd like to set up an iptables configuration as follows:- Allow all traffic by default- For one user account (anonymous), block all traffic except:- All traffic on lo- All DNS requests, which should be redirected to 127.0.0.1Here's what I tried:
# Redirect
iptables -A OUTPUT -p udp -m owner --uid-owner anonymous -m udp --dport 53 -j REDIRECT --to-ports 53
[code]....
Server :: Using IPtables To Filter Based Off Url?
Oct 8, 2010I have a very simple set up.With Network Manager I can have my laptop act as a router (sharing all connections).I also have apt-cacher-ng as a debian package cacher.I would like to set up iptables to filter only the urls that are meant for a debian package cacher.
For example:I could use a "forward all" rule:
Code:
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3142
Except then I would get a bunch of error pages every time I tried to do normal navigating.My question (again) is: Can iptables handle forwarding only on a specific url? If so how?Or is there another solution? (prferably without full fledged software like squid)
Networking :: Filter Chain And Policy For Iptables -L?
Mar 26, 2010Is it possible to only view certain chains and more specifically certain chain policies with options when doing:
iptables -L
I would like for example view FORWARD ACCEPT rules instead of waiting for all of the drop rules to load when viewing a firewalled iptables.
Networking :: Can't Initialize Iptables Table `filter'?
Apr 29, 2011On my diskless cluster, I want to open a port on the image that nodes use it.Here is what I get:
Code:
root@server:~# chroot /home/nfsroot/
root@server:/# iptables -A INPUT -p tcp -d 0/0 -s 0/0 --dport 4949 -j ACCEPT
[code]...
Ubuntu Servers :: Using Iptables To Get Web Usage Statistics And Filter Urls?
Dec 16, 2010I'm deploying new ubuntu server which should act as a router. I've already set up the NAT for local network, and also did some shaping for different groups of users, but now I'm facing new problem.I need to make a scheduled URL filter. I know it's not a problem with cron and simple script, but maybe there is existing way to do that? And also, I need to make statistics on web-traffic. I need to have list of URLs visited by users (source ip, destination url). Is it possible with iptables? or with any other software but without using proxy servers.
View 9 Replies View RelatedNetworking :: Bandwidth Management With It / Ubuntu - Filter Traffics Using Tc And Iptables
Jan 1, 2011i wanted to do bandwidth management/traffic shaping on my Internet link(have two internet connections), but i have some questions to ask: I want to know how could i for example filter some traffics using tc and iptables (e.g Peer-to-Peer,IM,Download Managers,Flash videos..) i can do filtering for known services like http,ssh,... but since these applications doesn't use one port, i am confused a little bit. I also want to do some bandwidth allocations (based on protocol) thats why i need filtering.
The other question is that currently i am using tc for bandwidth allocation and iptables for marking packets to send to these classes, am i doing it right? I mean it does work, but is it better to use for example "U32" filters for filtering? P.S: i tried to use ClearOS in gateway mode, but it doesn't have bandwidth allocation functionality. Does anyone know if i could do bandwidth allocation in ClearOS/Endian.
Ubuntu Security :: There Is No Application Installed For PGP / MIME-encrypted Message Header Files
May 22, 2010I recently had to reinstall ubuntu, so I backed up both my ~.gnupgp and ~.gnome2 folders and copied them over in the new installation. My old keys show up just fine in the password manager, but when I attempt to open a file encrypted with one of them, I get the error: "Could not display (name of file): There is no application installed for PGP/MIME-encrypted message header files"
View 1 Replies View RelatedGeneral :: Transparent Squid - Iptables Syntax And Unable To Use Outlook To Access SMTP And POP3
Feb 10, 2011I've set up Ubuntu 9.04 (desktop) at home in a lab environment (workgroup rather than domain) and have configured Squid. Everything works fine but, when I took it to the next level and made the proxy transparent, my problems began. I can still access sites (having pointed the XP Pro client to the squid box as the DG) and the sites are logged in /var/log/squid/access.log but I am unable to use Outlook to access my SMTP and POP3. I guess that the setup is blocking ports 25 and 110 and I'll need to configure iptables to forward packets destined for these ports directly to the "real" DG, rather than the Squid box. Here's the set up:
A single NIC (eth0) on 172.19.0.250 / 16 (static) ADSL router ("real" DG) on 172.19.0.1 I executed iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128 My squid.conf:
Code:
acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl localnet src 10.0.0.0/8# RFC1918 possible internal network
acl localnet src 172.16.0.0/12# RFC1918 possible internal network
acl mynet src 172.19.0.0/16
[Code]....
Ubuntu Security :: What Is Good IP Filter / Firewall Program?
Jun 10, 2010What is a good IP filter/firewall program? Seeing as how I like free softwares, I download a lot of torrents. When I was using Windows, I used PeerBlock (the newer fork of PeerGuardian), however, it's not available for Linux. What would be a good alternative for this in Linux? I tried iplist as it has a GUI, and it was extremely buggy and blocked random web pages even after I put them on the exceptions list. And MoBlock has no GUI from I understand, nor has it been updated in years.
View 9 Replies View RelatedUbuntu Security :: Content Filter At Remote Locations?
Aug 6, 2010We have approximately 100 retail locations that will have split vpn tunneling. Intranet traffic will flow over the vpn to the corporate headquarters, voip traffic will tunnel to a regional hub and internet bound traffic will go over the local isp. The retail locations are small with 1-8 users and no enterprise grade equipment (servers, etc). This setup in effect will render our current content filtering solution useless.
The locations will be equipped with Cisco ASA 5505 Firewalls. The original plan was to use a Websense server and the url filtering feature to act as a content filter. I just found out that pricing for Websense was not included in the budget will be a show stopper.There may also be some performance issues with this method. Putting a proxy server at each location is not really an option. We do not have the resources to place a server at each location, plus the users could simply unplug an inline device or go around it. There is minimal supervision at most of these locations.
Ideally, I would like to find a way to use something like Dansguardian with an ldap interface and the url filtering feature of the ASA firewalls. I found a program called n2h2p, but I can find 0 documentation for it. It is also 2 years old with no updates. I also need to be able totrally manage this as trying to keep up with 100 different configurations for 400 users would be virtually impossible for the amount of time I will have available
Fedora Security :: How To Filter Ports
Apr 28, 2011I have open ports on my computer for vsftpd, pptpd, and I need help to filter this ports because they aper as open ports on internet, and this is pretty risky
View 3 Replies View RelatedSecurity :: Spam Filter Software For ISP Environment.
Jan 24, 2011We operate a small ISP and are currently using a debian distro as our gateway server.Recently we have had an increased number of spam issues with customers (not them sending it directly, rather the customer getting infected with a virus/malware and then their computer becoming a bot).I'd like to set up another gateway of sorts to sit after our authentication gateway but before our backbone to provide spam filtering (and hopefully virus filtering) for any traffic passing through which might be email.I've tried searching for any linux based software which would suit, but I'm coming up empty.
Surely there's something already out there which can perform this task.Finally, just to clarify, I'm not talking about spam filtering for email accounts we host ourselves (this is built into our mail server); I'm talking about spam originating from customers PC's which is passing through our gateway (but not our mail server).
Security :: Content Filter For Web / Email And Instant Messaging
Apr 12, 2010I have been assigned a task to implement a free open source content filter having feature of web, email, instant messaging etc. If any one has the information or worked on this type of product please share it.
View 8 Replies View RelatedSecurity :: Filter Condition Based On Full Hostname?
May 19, 2010How to filter condition based on full hostname? ie. allow inbound packets to port 25 if the packet comes from [URl]..
View 1 Replies View RelatedSecurity :: Locate Printer On Remote Network Behind Filter?
Aug 26, 2010so how can I locate a printer behind a firewall? Is it possible to enumerate the subnet behind a router ( even if a connection has not been marked)?
View 3 Replies View RelatedSecurity :: Filter Pam_rhosts_auth Messages To Prevent The Logs Filling Up?
Mar 8, 2010I have a batch job which logs in to the server every 10 minutes via windows rsh. The job checks to see is there are any files that need to be send via a EDI serverto a supplier.The following logwatch report is swamped with the login messages and would like to either suppress the logging in PAM? or suppress the entry in the logwatch report?But I still want logging id the username is not username1.Connections (secure-log) Begin rshd[1754]: pam_rhosts_auth(rsh:auth): allowed to username1@10.0.0.1 as myedi
View 2 Replies View RelatedSecurity :: Secure Webmail - SMTP Relay In DMZ?
Apr 11, 2010When you set up a webmail solution these days, either on your home LAN or at a small business. What steps do you take to make the solution as secure as possible? A couple of years ago it was sufficient to port forward both port 25 and 80/443 to you server located on the internal LAN. Today you're more likely to have a SMTP relay in a DMZ of some kind. But the webmail, how do you solve this? Do you place a dedicated webmail frontend in the DMZ and open ports towards the internal LAN, or do you just place the entire server in the DMZ? I'm looking for input for a small network/home LAN so it shouldn't be to complex.
View 4 Replies View RelatedUbuntu Security :: Postfix - Not Critical - SMTP Server: Errors From Unknown [ip Address] In Local Recipient Table
Jan 2, 2010This is a transcript I get emailed at least once every day, usually about 3 to 10 a day recently.
Transcript of session follows.
SMTP server: errors from unknown[ip address]
<boring stuff snipped>
In: RCPT TO: <server@my domain>
Out: 550 5.1.1 <server@my domain>: Recipient address rejected: User unknown in local recipient table
Session aborted, reason: lost connection Now I cannot seem to find anything via Google, as when I put "server@" anywhere in the string, I just get web hosting or other kroomst. The emails usually come from legit places, usually hotels. Does this mean they are sending bad emails, i.e. they have a Trojan/worm, or is this a live hack attempt?. I believe the later, as I might get upto 3 domains from the one ip address, which is always, NOT associated with the listed domain. Not causing me any issues, except I have been getting a lot recently.
Ubuntu Security :: Vulnerable To Infection From Website Without A "proxy Antivirus Filter"?
Dec 15, 2010I used Avast webfilter (proxied webtraffic through Avast) when running Windows. Sometimes Avast would alert and "protect" me from being infected by a compromised website. NOTE: Avast would alert even absent clicking any links. Just viewing the page could result in infection. Should I be running some kind of proxy webfilter for protection? My understanding is that Firefox can be compromised and this can in turn compromise Ubuntu.Are these kinds of threats specific to Windows running Firefox, or Firefox per se. If Firefox per se it seems like I need some sort of Proxy webfiltering like Avast provides.
View 9 Replies View RelatedUbuntu Security :: How To Reset The Iptables
Jan 14, 2010i ran this
Code:
iptables -N rate-limit
iptables -A rate-limit -p tcp -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 3 -j RETURN
iptables -A rate-limit -j DROP
iptables -I INPUT 1 -p tcp --dport 22 -j rate-limit
i am no longer able to ssh in to the machine , how can i reset iptables and firestarted back to default?
Ubuntu Security :: Use Address Not Ip In Iptables?
Jul 24, 2010i need to open this address ftp.nai.com, is there a way to use address not ip in iptables?
View 7 Replies View RelatedUbuntu Security :: Iptables Configured By UFW ?
Sep 17, 2010I've recently moved from Firestarter to UFW/GUFW, and I wonder if someone could confirm if my iptables configuration is secure.
When I enter sudo iptables -L i get:
Code:
Ubuntu Security :: Iptables Allow Via Spesific NIC?
Dec 29, 2010eth1 has connection to the net via gateway ..eth0 on the same machine has users on a intranet and needs access to the internet, i need to allow internet connection and prevent packets which logically originate from the internet getting into the intranet
View 1 Replies View RelatedUbuntu Security :: How To Clear Iptables
Apr 21, 2011Installing a router, and I need to completely "wipe" iptables (flush I mean) on both computers, and I think I run ufw/gufw on both, so that would need to be uninstalled. The router is very secure, has NAT, etc, etc, and I'd rather setup all that side of things in one point, rather than on each computer.
View 2 Replies View RelatedUbuntu Security :: Both Ufw And Iptables Running Together?
May 23, 2011Can I have both ufw and iptables running together? My server is currently using ufw, if I add an iptables rule will it have any effect?
View 6 Replies View Related