We have plan to reduce possible spam initated from our server to outside world by limiting access to outbound port 25 only for Postfix with this kind of code in firewall :
Code: Select all
iptables -I OUTPUT -m owner ! --uid-owner postfix -m tcp -p tcp --dport 25 -j REJECT --reject-with icmp-admin-prohibited
We plan to add it manually via custom script since we can not add it through KeyHelp Firewall GUI (or do u know how to do it there?).
Need your opinion