Start Free TrialLog in
Avatar of Lawot
Lawot

asked on 

Need to shutdown Port 25 on user machines but not the exchange server to stop spamming

I have a client that is running Small Business Server Regular Edition.  They have a Linksys BEFSR41 Router.  There are running exchange on their small business server.   I am running Trend Micro Client Server Messaging Security which is not picking up any viruses.  The only way I know they have virus issues is that they keep getting blacklisted as Spammers.  I am going to purchase a new watchguard router in the future but I need to shut down port 25 for all the local machines (there are 8 of them 6 XP Pro and 2 Windows Vista) and leave it open on the exchange server.  I am hoping this will stop what ever machine that has a virus from spamming.  

My question is, how as of today can I kill the local machines from having access to port 25 while leaving the server access.  I don't think it can be done with the linksys router.  The port filtering there seems to kill all access to port 25 including the server.  I could be wrong though.

Is there some sort of login script or just a simple configuration I could make to each machine to stop access to JUST port 25.  There are only 8 machines so it would be no big deal to go to each of them.

I want to do this today so I can submit them to be delisted.  

Thanks
OS SecurityExchangeSBS
Avatar of undefined
Last Comment
Computer101
ASKER CERTIFIED SOLUTION
Avatar of rpartington
rpartington
Flag of United Kingdom of Great Britain and Northern Ireland image
Blurred text
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Avatar of rpartington
rpartington
Flag of United Kingdom of Great Britain and Northern Ireland image
just noticed my bad grammer above apologies.
Avatar of Lawot
Lawot

ASKER

No problem with the Grammer,  I have run TrendMicro, Norton on each machine.  No virus.  I have done this several times on each machine.  I am listed on the CBL http://cbl.abuseat.org/server.html, and they say they dont list open relays, which I am not because I checked.  Anyway thanks for the help.
Avatar of rpartington
rpartington
Flag of United Kingdom of Great Britain and Northern Ireland image
Are you also showing up here then using the Spam Database Lookup option

http://www.dnsstuff.com/
Avatar of Alvin Abraham
Alvin Abraham
Flag of United States of America image
Why Disallow all traffic on the firewall from using port 25.  But only Allow the exchange server
Avatar of Lawot
Lawot

ASKER

Because i am figuring that shutting down port 25 will stop what ever machine that has a virus from spamming.
Avatar of Alvin Abraham
Alvin Abraham
Flag of United States of America image
Can't you check at the router/switch level with PC is broadcasting the most?

Do you know which Virus?
SOLUTION
Avatar of r-k
r-k
Blurred text
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
SOLUTION
Avatar of Sembee
Sembee
Flag of United Kingdom of Great Britain and Northern Ireland image
Blurred text
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Avatar of George Lob
George Lob
Flag of United States of America image
If I remember correctly cbl also lists servers that don't have proper PTR records set up in DNS. If you find that you arn't sending out any spam, but are still being black listed this may be the reason. Have you contacted CBL to find out why you are being list?
Avatar of Alvin Abraham
Alvin Abraham
Flag of United States of America image
Use the Microsoft Firewall to block port 25.
Avatar of Lawot
Lawot

ASKER

Do you mean the windows firewall on each workstation?
Avatar of Sembee
Sembee
Flag of United Kingdom of Great Britain and Northern Ireland image
The Windows firewall is about as much use as throwing a bucket of water on a bush fire. It cannot block outbound traffic, so isn't any use for this.

You need to block the port on your perimeter firewall. If what you are using on the perimeter cannot block ports correctly then it is not fit for purpose and should be replaced.

Simon.
Avatar of Computer101
Computer101
Flag of United States of America image
Forced accept.

Computer101
EE Admin
Exchange
Exchange

Exchange is the server side of a collaborative application product that is part of the Microsoft Server infrastructure. Exchange's major features include email, calendaring, contacts and tasks, support for mobile and web-based access to information, and support for data storage.

213K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
Ask the experts

  • "Invaluable tool for our organization"

    Josh Regalski

  • "Your help has saved me hundreds of hours of internet surfing."

    @fblack61

  • "Just a dang good service!"

    @golferski

  • "Worth every penny."

    Steve Hougom

  • "It’s been a life saver."

    Maria Halt

  • "Best support site I’ve seen!"

    Bob Schneider

  • "I would be lost without them."

    @fblack61

  • "Saved my job multiple times."

    Walt Forbes

  • "I love this site."

    Maria Duwe

  • "Friendly respectful help."

    Andrew Kowtalo

  • "Such top-notch experts."

    @magento

  • "The best money I have ever spent."

    @rwheeler23

  • "Beyond any comprehensible value"

    George Morris

  • "Invaluable tool for our organization"

    Josh Regalski

Read over 600 more reviews

TRUSTED BY

IBM logoIntel logoMicrosoft logoUbisoft logoSAP logo
Qualcomm logoCitrix Systems logoWorkday logoErnst & Young logo
High performer badgeUsers love us badge
LinkedIn logoFacebook logoX logoInstagram logoTikTok logoYouTube logo
© 1996-2023 Experts Exchange, LLC. All rights reserved. Covered by US Patent