-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A FORWARD -s xx.xx.xx.xx/32-p tcp -m multiport --dports 25,587,465 -j LOG --log-prefix "FORWARD:DROP:" --log-level 6
-A FORWARD -s xx.xx.xx.xx/32 -p tcp -m tcp --dport 465 -m limit --limit 1/sec -j ACCEPT
-A FORWARD -s xx.xx.xx.xx/32 -p tcp -m tcp --dport 587 -m limit --limit 1/sec -j ACCEPT
-A FORWARD -s xx.xx.xx.xx/32 -p tcp -m tcp --dport 25 -m limit --limit 1/sec -j ACCEPT
-A FORWARD -s xx.xx.xx.xx/32 -p tcp -m tcp --dport 465 -j DROP
-A FORWARD -s xx.xx.xx.xx/32 -p tcp -m tcp --dport 587 -j DROP
-A FORWARD -s xx.xx.xx.xx/32 -p tcp -m tcp --dport 25 -j DROP
openvz limit smtp connection
Leave a reply