Solved

How do I block all traffic from a foreign country using SBS2003 with ISA 2004

Posted on 2006-11-01
4
256 Views
Last Modified: 2010-04-09
Hello all,

I would like to setup a rule to block remote smtp connections from China and Latin America by IP address or range of IP's. I followed the steps outlined in the last post here: http://forums.isaserver.org/m_250018400/mpage_1/key_block%2cchina/tm.htm#250018416 , but now I am getting a ton of event: 15108 warnings in the Application log. What is the proper way to configure ISA to accomplish this task?

Thanks,

Todd  
0
Comment
Question by:MasPreguntas
  • 3
4 Comments
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 500 total points
ID: 17860723
I assume you have published your mail server through a publishing rule? By default the listener that gets configured shows Anywhere as the FROM entry. In the bottom half of the FROM box, you will see an exceptions section.

make subnet entries that cover the IP addresses you want to block port 25 traffic for ( highlight the firewall policy then use the toolbox on the right to create subnets etc) then add these entries to the exceptions box. Save the policy.



0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 17860747
Alternatively of course you could add the exclusions within the SMTP service itself but ISA is probably the best place.
0
 
LVL 1

Author Comment

by:MasPreguntas
ID: 17903051
I ended up creating a new address range and creating a new firewall access rule. I called the rule 'Spam-killer' with action set to deny all outbound traffic from the freshly created address range to localhost appied to all users. I chose this method over using the SMTP publishing rule, because I decided to just block all access instead of just SMTP. Your method would have worked, so I'll give you the points.

Thanks.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 17904613
Thank you :)
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Watchguard test environment ? 3 69
perimeter firewall HA impact on outages 2 58
Probable TCP NULL scan detected 10 278
suspending the anti virus 6 122
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

815 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now