firewall it on the local machine, Linux has firewalling capabilities (ipchains in 2.2, iptables in 2.4).
No no, that's not the point. I could do that. But I thought that other mailservers (for example yours) is talking to my mailserver on that port 25. Isn't that right? So if I block that port, I won't receive any mails any more!
You can block access to port 25 for specific source IP addresses and specific interfaces with ipchains (and very probably with iptables, too, but I haven't used it myself yet). Sort of as in the following example, where: MAILSERV = mail server's IP address LOCALNET = local network that is only to be allowed SMTP over SSL ipchains -A input -p tcp -s ! $LOCALNET -d $MAILSERV 25 -j ACCEPT ipchains -A output -p tcp -s $MAILSERV 25 -d ! %LOCALNET ! -y -j ACCEPT ipchains -A input -p tcp -s $LOCALNET -d $MAILSERV 465 -j ACCEPT ipchains -A output -p tcp -s $MAILSERV 465 -d $LOCALNET ! -y -j ACCEPT ipchains -A input -l -j DENY ipchains -A output -l -j DENY HTH Tobias