Argh! (Adelphia, E-mail, iptables, etc.)

Chris Brenton cbrenton at chrisbrenton.org
Fri Aug 29 18:31:19 EDT 2003


ken at flyingtoasters.net wrote:
>
> Howdy, all.  Adelphia -- God bless them -- has nixed my in-bound port 25,
> so I can no longer receive e-mail on this account.  Which is highly
> annoying.

Ya, it's getting pretty insane. choiceone.net is dropping _all_ ICMP on 
their backbone. This breaks connectivity checking, MTU discovery, as 
well as actually _increasing_ the amount of traffic on the wire because 
type 3's are no longer being returned. It's also made them a choice 
address space to spoof for SYN attacks (no returning ICMP error means 
the connection queue gets tied up for over a minute rather than 50 ms or 
so). I used to get each of my public IP addresses spoofed about once 
every five days. Now each legal IP is getting spoofed 30+ times per day. Of 
course this also sucks down additional bandwidth. :(

> In summary, I can no longer receive SMTP, so I'm looking for:
> some magic iptables recipe to re-direct port 25 from machine a (1.2.3.4)
> to machine b (3.4.5.6). 

I've done this type of thing to make Squid run transparently. Something 
like:

# DNAT, not REDIRECT: REDIRECT only takes --to-ports and targets the local box
iptables -t nat -A PREROUTING -p tcp -d 1.2.3.4 --dport 25 -j DNAT \
    --to-destination 5.6.7.8:10025

Should work for you (check the syntax, that's off the top of my head). 
Problem is someone else has to run this command (from the 1.2.3.4 
network) to get the traffic redirected to your network (5.6.7.8).

I've noticed a ton of people have jumped in on this thread so if you are 
all set, then cool. If not, I can give you a free mail account on 
spam-free-zone.net, or even host mail for you and give you an HTML or 
SSH connection to retrieve it. I don't do hosting (sold my ISP over a 
year ago), but would be happy to be a short-term solution for you till 
you can get something else going.

If you are interested, post back off list.

Cheers all,
C




More information about the gnhlug-discuss mailing list