Thx guys, I responded last night but seems my lovely iphone ate it..
The mail filtering service works IP-IP only, so only they can hit our mail server as we’re in a busy area and were getting slammed.
While testing VS/FW rules, TCP25 was open for 2 mins and got 2 spams. I added SourceIP (not in VS so need FW rules) and it seems to work.
I’m still getting used to chains vs the typical single FW, so please enlighten me if there’s a more elegant solution:
In (def:Drop) ppp0 Source:IP, Dest:TCP25
Fwd (def:Drop) ppp0-eth01(LAN) Source:IP, Dest:TCP25
So, it seems:
– ppp0 is used instead of ETH01
– no rules are needed for ETH01(?)
– if I happened to switch ETH01 back to a cable modem, I would then switch the rule from ppp0 back to ETH01.