-2

I'm the admin of a VPN server. One of the users is sending spam from his system through our VPN server, but I can't see which user is so I have blocked port 25 by firewall and sendmail by chmoding it, but I got several abuse reports again.

How can I block spam from being sent on our network? I have no idea, only I know their system is infected by malware.

For example:

iptables -A OUTPUT -tcp header email 3/min -j ACCEPT
Peter Brittain
  • 13,489
  • 3
  • 41
  • 57
DjMohsen
  • 3
  • 6

1 Answers1

0

Well, are you sure that you block SMTP for all OUTPUT chain traffic? I'd suggest you to block TCP:465 & TCP:587 too by the way:

iptables -I INPUT 1 -p tcp --dport 25 -j DROP
iptables -I INPUT 2 -p tcp --dport 465 -j DROP
iptables -I INPUT 3 -p tcp --dport 587 -j DROP

Take a look here for more examples about iptables config.

Valentin
  • 89
  • 2
  • i`m not begginer, actually once users connected they can send spam as they want, emails transfered suing my ip – DjMohsen Jul 22 '16 at 17:23