I am using a bash script for CentOS 5.5, I found one and modified it, however I want to block the incoming IP addresses and ALLOW the IP addresses that are blocked to send out email.
I will use an internal network range for an example, 10.10.10.0/24 (if a lot of spam is incoming) from this range I want to allow the user to send out to the range.
How do I add allow 10.10.10.0/24 to this script to allow the connection to send out?
The problem I run into is I get a lot of server bruteforce attacks and spamming, yet the customer may email the user on the 10.10.10.0/24 network. We have spam devices in front of the email servers, however this does not stop the spammer from sending directly to the email server.
In the end I just want to DROP the incoming (bad IP's) and allow the (bad IP's) to send out if that makes sense.
Any help would be great.
#!/bin/bash
IPT=/sbin/iptables
SPAMLIST="spamlist"
SPAMDROPMSG="SPAM LIST DROP"
BADIPS=$(egrep -v -E "^#|^$" /root/spammer_list)
# create a new iptables list
$IPT -N $SPAMLIST
for ipblock in $BADIPS
do
$IPT -A $SPAMLIST -s $ipblock -j DROP
done
$IPT -I INPUT -j $SPAMLIST
$IPT -I OUTPUT -j $SPAMLIST
$IPT -I FORWARD -j $SPAMLIST