Solved

How do I block all traffic from a foreign country using SBS2003 with ISA 2004

Posted on 2006-11-01
4
258 Views
Last Modified: 2010-04-09
Hello all,

I would like to setup a rule to block remote smtp connections from China and Latin America by IP address or range of IP's. I followed the steps outlined in the last post here: http://forums.isaserver.org/m_250018400/mpage_1/key_block%2cchina/tm.htm#250018416 , but now I am getting a ton of event: 15108 warnings in the Application log. What is the proper way to configure ISA to accomplish this task?

Thanks,

Todd  
0
Comment
Question by:MasPreguntas
  • 3
4 Comments
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 500 total points
ID: 17860723
I assume you have published your mail server through a publishing rule? By default the listener that gets configured shows Anywhere as the FROM entry. In the bottom half of the FROM box, you will see an exceptions section.

make subnet entries that cover the IP addresses you want to block port 25 traffic for ( highlight the firewall policy then use the toolbox on the right to create subnets etc) then add these entries to the exceptions box. Save the policy.



0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 17860747
Alternatively of course you could add the exclusions within the SMTP service itself but ISA is probably the best place.
0
 
LVL 1

Author Comment

by:MasPreguntas
ID: 17903051
I ended up creating a new address range and creating a new firewall access rule. I called the rule 'Spam-killer' with action set to deny all outbound traffic from the freshly created address range to localhost appied to all users. I chose this method over using the SMTP publishing rule, because I decided to just block all access instead of just SMTP. Your method would have worked, so I'll give you the points.

Thanks.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 17904613
Thank you :)
0

Featured Post

Watch Anatomy of a Wi-Fi Hack On-Demand

In less than a weekend, anyone with Internet access and some free time can become a Wi-Fi MitM to wreak havoc on your network. View our Wi-Fi Expert in an on-demand episode of our Secure Wi-Fi mini-series as he explores the motives, execution, and anatomy of a Wi-Fi hack.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question