How to Rate Limit Mail Ports with IPTables
In this article, we will explore how to set up rate limiting for outgoing emails on specific mail ports using iptables. Rate limiting can be useful to prevent abuse or spamming from your network and ensure fair usage of resources. We will focus on rate limiting ports 25, 110, 465, 587, 995, and 2525 to three outgoing emails per minute using iptables rules.
Install IPTables
Make sure that iptables is installed on your system. To install it, you can use the package manager specific to your Linux distribution. For example, on Ubuntu or Debian, you can run the following command:
apt install iptablesCreate the firewall rules
Now, let's create the iptables rules to rate limit the mail ports. We will use the iptables command to define the rules. Open a terminal and execute the following commands:
iptables -A OUTPUT -p tcp -m multiport --dports 25,110,465,587,995,2525 -m limit --limit 10/min --limit-burst 6 -j ACCEPTSet the default policy
If you don't already drop all other traffic, you may want to create a default policy which drops traffic that isn't accepted by your firewall. To do this, first check your current firewall:
iptables -SIf you don't already drop all traffic that doesn't align with your firewall policy, you may want to drop it but do so with caution:
iptables -P OUTPUT DROPSave the iptables rules
To ensure that the iptables rules persist across system reboots, we need to save them. Different Linux distributions have different methods for saving iptables rules. Here, we will use the iptables-persistent package, which is commonly available on Ubuntu and Debian.
apt install iptables-persistent