Blocking non-routable address

Status
Not open for further replies.

thawk10

IS-IT--Management
May 28, 2003
I am constantly having people getting through trying to use my email server as an open relay. See the log file I receive on my email server.

postfix/smtp[5215]: warning: host wireless.bobbeckett.org[127.0.0.1] greeted
me with my own hostname hostname.domain.com
Nov 16 05:49:38 hostname postfix/smtp[5215]: warning: host
wireless.bobbeckett.org[127.0.0.1] replied to HELO/EHLO with my own hostname
hostname.domain.com
Nov 16 05:49:38 ooida02 postfix/smtp[5215]: C46CA1C40AF:
to=<amadeus95@wireless.bobbeckett.org>,
relay=wireless.bobbeckett.org[127.0.0.1], delay=0, status=bounced (mail for
wireless.bobbeckett.org loops back to myself)

Is there a way to block non-routable IPs at the PIX firewall?
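
Added example, not part of the original post: a small Python check that scans Postfix delivery records in the format quoted above and flags those whose relay address is loopback, private or otherwise not Internet-routable. The postfix/smtp process is Postfix's outbound client, so the bracketed relay= address is the next hop the server itself connected to. The sample records, function names and the one-record-per-line (unwrapped) input are assumptions made for the example.

```python
import ipaddress
import re

# Constructed sample records in the format of the log quoted above, one per
# line (unwrapped). Hostnames, queue IDs and addresses are placeholders.
SAMPLE_LOG = """\
Nov 16 05:49:38 mail postfix/smtp[5215]: C46CA1C40AF: to=<user@loop.example>, relay=loop.example[127.0.0.1], delay=0, status=bounced (mail for loop.example loops back to myself)
Nov 16 05:50:02 mail postfix/smtp[5216]: D57DB2D51B0: to=<user@lan.example>, relay=lan.example[10.1.2.3], delay=1, status=deferred (connect to lan.example[10.1.2.3]: Connection timed out)
Nov 16 05:51:10 mail postfix/smtp[5217]: E68EC3E62C1: to=<user@ok.example>, relay=mx.ok.example[8.8.8.8], delay=2, status=sent (250 OK)
Nov 16 05:52:00 mail postfix/smtp[5218]: F79FD4F73D2: to=<user@gone.example>, relay=none, delay=0, status=bounced (Host or domain name not found)
"""

# Outbound delivery record: queue ID, recipient, next-hop host and its address.
DELIVERY = re.compile(
    r"postfix/smtp\[\d+\]: (?P<qid>[0-9A-F]+): to=<(?P<rcpt>[^>]*)>,"
    r".*?relay=(?P<host>[^\[,\s]+)\[(?P<ip>[^\]]+)\]"
)

def classify(ip_text):
    """Return why an address is not Internet-routable, or None if it is."""
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return "unparseable"
    if ip.is_loopback:
        return "loopback"
    if ip.is_link_local:      # checked before is_private, which also covers it
        return "link-local"
    if ip.is_private:
        return "private"
    return None if ip.is_global else "reserved"

def nonroutable_relays(log_text):
    """List (queue_id, recipient, relay_host, relay_ip, reason) per flagged record."""
    hits = []
    for line in log_text.splitlines():
        m = DELIVERY.search(line)
        if not m:
            continue          # not a delivery record, or relay=none
        reason = classify(m["ip"])
        if reason:
            hits.append((m["qid"], m["rcpt"], m["host"], m["ip"], reason))
    return hits

if __name__ == "__main__":
    for hit in nonroutable_relays(SAMPLE_LOG):
        print(*hit, sep="  ")
```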
 
First make sure this line is in your PIX's config.

ip verify reverse-path interface outside


Also, your Internet router shouldn't allow these packets to come in. You could block it at your PIX too, but it would be more efficient to do it at the entry points into your network.
 
Baddos,
Is there a downside to adding this line to a PIX? What else would it stop? I have multiple VPN tunnels and FTP and Secure FTP running through our PIX. Would this stop "Spam" from coming in? They don't have return addresses?
flaz
 