As suggested in How do you detect a spambot on your network? how can I setup firewall rule to allow only Postifx to send emails using SMTP on port 25 and disallow all other applications to send on port 25?
Mine is on Ubuntu VPS.
Something related is being talked here but not sure of the Iptables rules.
Do two things:
Run Postfix under its own user account. It should already be doing so, on any sane system.
Set an iptables rule with a uid match for that account, which blocks outgoing traffic to destination port 25 not from that user.
For example: Here we assume the username is
postfix, though it may be something different on your system.
iptables -I OUTPUT -m owner ! --uid-owner postfix -m tcp -p tcp --dport 25 -j REJECT --reject-with icmp-admin-prohibited ip6tables -I OUTPUT -m owner ! --uid-owner postfix -m tcp -p tcp --dport 25 -j REJECT --reject-with icmp6-adm-prohibited
Note that when you save the rule, the user name will be converted to a numeric uid.
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.