I have a firewall that uses ipchains with a gateway mail server behind it that scans messages for viruses for a few networks. Some how the box has picked up some sort of trojan or virus that I have not found yet, and is spewing mail. For the immediate I need a rule that stops all destination port 25 traffic except for the allowed domains. This is what I have used, but all port 25 traffic has stopped. ipchains -I input -j ACCEPT -p tcp -s 10.11.11.0/0 -d permited_domain/0 25 ipchains -I input -j ACCEPT -p tcp -s 10.11.11./0 -d permited_domain/0 25 ipchains -I input -j REJECT -p tcp -s 10.11.11.0/0 -d reject_everything_else/0 25 Thanks in advance _______________________________________________ TCLUG Mailing List - Minneapolis/St. Paul, Minnesota http://www.mn-linux.org tclug-list at mn-linux.org https://mailman.real-time.com/mailman/listinfo/tclug-list