I am trying to setup a rule to limit inbound SMTP traffic on port 25 to only come from our spam blocking provider. We are getting spam that is bypassing spam server and coming directly to mail server. The option to block on mail server has been removed on current version of software. So has to be setup on router.
You can use inbound firewall rules in the Balance under: Network> Firewall> Access Rules and only allow SMTP traffic from your spam blocker’s IP address(s).
Email Rule
Protocol = TCP SMTP
Source IP & Port = Spam blocker’s IP address, any port
Destination = Internal Email server IP address, single port 25
Allow
Default Rule = Deny
The Email rule needs to be “Allow” and the Default rule needs to be “Deny”. Also, the IP address for the internal email server should be its internal address, not the public IP.
Email Rule
Protocol = TCP SMTP
Source IP & Port = Spam blocker’s Public IP address, any port
Destination = Internal Email server’s Private IP address, single port 25
Allow
Default Rule = Deny
What you have now allows email from everybody except for 8.31.233.0 which appears to be a network instead of an IP address. If you want to allow an entire network for the source, a network with the proper mask should be specified, not an IP address.