Restrict inbound SMTP traffic

[rszkutak]

Hello all,
Here's the deal, I got a barracuda for spam control ( OH MY it's good ! ), anyway... I would like to do the following.

1) Restrict ALL smtp traffic inbound to 3 static IP's.

EX: 206.114.196.2, 148.99.54.5, 24.94.66.12

I only want those IP's shown to be able to get mail into the system via SMTP on port 25.

However I want to have my users authenticate against port 2525 ( which is opened already ).

I do have a rule in the system to allow the barracuda to send to the server without any authentication required by IP address.

Has anyone done what I wish to do ?

Why am I doign this? We'll somehow spammers are getting around the barracuda spam firewall even when we have only 1 MX record.

thoguths, or I am being just overly paranoid ?


-rob

 

[rszkutak]

Also as an FYI kinda thing... here is the problem we are facing with spam. ( NOT ALL BUT SOME )

It appears that spam is going right to the server and not going through the barracuda. Enclosed are 2 headers, one which indicates barracuda, and the other which does not.

I have checked the DNS records, and I indeed only have 1 MX record now. I had 2 previously as a backup incase the barracuda went dead or something silly, but bottom line, their is only 1 now.


thanks again,




****************** NO BARRACUDA:

Return-path: <[email protected]>
Envelope-to: [email protected]
Delivery-date: Tue, 29 Nov 2005 20:34:44 -0700
Received: from [63.80.24.191] (helo=hostforty.com)
by server.lzbaz.com with esmtp (Exim 4.50)
id 1EhIk0-0002bA-1J
for [email protected]; Tue, 29 Nov 2005 20:34:44 -0700
From: "Bigger TV" <[email protected]>
Message-Id: <[email protected]>
To: "Receivers37" <[email protected]>
Subject: Find out how you could get a Sylvania Plasma or a Sony HDTV on us!
Date: Tue, 29 Nov 2005 19:34:47 -0800
MIME-Version: 1.0
Content-Type: text/html;



*************************** BARRACUDA:

Return-path: <rszkutak@[email protected]>
Envelope-to: [email protected]
Delivery-date: Tue, 29 Nov 2005 19:31:43 -0700
Received: from 216-207-122-2.dia.cust.qwest.net ([216.207.122.2] helo=barracuda.lzbaz.com)
by server.lzbaz.com with esmtp (Exim 4.50)
id 1EhHl1-0002F5-NS
for [email protected]; Tue, 29 Nov 2005 19:31:43 -0700
X-ASG-Debug-ID: 1133317902-16124-9-0
X-Barracuda-URL: http://216.207.122.2:2222/cgi-bin/mark.cgi
Received: from wproxy.gmail.com (wproxy.gmail.com [64.233.184.204])
by barracuda.lzbaz.com (Spam Firewall) with ESMTP id 517278D9C
for <[email protected]>; Tue, 29 Nov 2005 19:31:43 -0700 (MST)
Received: by wproxy.gmail.com with SMTP id i2so114884wra
for <[email protected]>; Tue, 29 Nov 2005 18:31:42 -0800 (PST)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
s=beta; d=gmail.com;
h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition;
b=b8FeiaOtvs4Txr7OL1cwmrLqhNAW9xHzWqQ9FWUYod01m9VN7V9kMdKoImEDYEJpMd2+JfqzCeJQdpew4YG+MTAGEQeMMDROLp0iv3Qdrc3ABLaZkSLFFX/5CKsK2x9gfBJLLdiRrsdgVENi6EE5iNMpt4+Epa6WZTCXMycMbYs=
Received: by 10.65.84.5 with SMTP id m5mr3557224qbl;
Tue, 29 Nov 2005 18:31:42 -0800 (PST)
Received: by 10.65.133.12 with HTTP; Tue, 29 Nov 2005 18:31:42 -0800 (PST)
Message-ID: <[email protected]>
Date: Tue, 29 Nov 2005 19:31:42 -0700
From: Rob Szkutak <[email protected]>
To: [email protected]
X-ASG-Orig-Subj: barracuda ?
Subject: barracuda ?
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
X-Virus-Scanned: by Barracuda Spam Firewall at lzbaz.com
X-Barracuda-Bayes: INNOCENT GLOBAL 0.4935 1.0000 0.0000
X-Barracuda-Spam-Score: 0.00
X-Barracuda-Spam-Status: No, SCORE=0.00 using global scores of TAG_LEVEL=1.7 QUARANTINE_LEVEL=1.9 KILL_LEVEL=2.3 tests=
X-Barracuda-Spam-Report: Code version 3.02, rules version 3.0.5711
Rule breakdown below pts rule name description
---- ---------------------- --------------------------------------------------