Solved

How do I block port 25 for all outgoing traffic except from my mail server

Posted on 2008-10-22
Last Modified: 2013-11-30
I have a SonicWall TZ190. I have created an access rule that denies any LAN to WAN on port 25 except for my Exchange server. Actually it is 2 rules (my server is at 10.0.0.51): one that blocks 1-50 and one that blocks 52-254. This should do it, right? There is a rule that allows any to any though, and it is enabled. Does this overwrite the deny, or do deny rules take priority, like in Windows? If it is set up, how can I test it?
Question by:degoodwin
7 Comments
LVL 16

Accepted Solution

by:
btassure earned 2000 total points
ID: 22782203
Rules will be processed in order. If the first rule is permit any to any then it will match that traffic, permit it and ignore the rest. If you had the list like the attached for example it would allow smtp from the mail server, block it from anywhere else and permit all other traffic.
permit from mail server to any on port 25
deny from any to any on port 25
permit from any to any


Author Comment

by:degoodwin
ID: 22782352
The rules are listed as follows:

 #  Priority  Source             Destination  Service             Action  Users
 1  1         Bottom Range SMTP  All WAN IP   SMTP (Send E-Mail)  Deny    All
 2  2         Top Range SMTP     All WAN IP   SMTP (Send E-Mail)  Deny    All
 3  3         Any                Any          Any                 Allow   All

All are enabled. This is correct, right? How can I test it?

Author Comment

by:degoodwin
ID: 22782356
Bottom Range SMTP is 10.0.0.1-50
Top Range SMTP is 10.0.0.51-254
The Exchange server is at 10.0.0.51
LVL 16

Expert Comment

by:btassure
ID: 22783559
They are processed in priority order. The system you have will work equally well but is less efficient as you add more rules and is not really in best practice.

Author Comment

by:degoodwin
ID: 22784680
So does the system check each packet against the rules and, if it finds one it matches, then stop processing any more rules? The way you have the rules set up, all traffic from the mail server on 25 would be allowed first, then it would not bother to look at rules 2 and 3. If the packet is not from the mail server and not on port 25 then it would move to rule 2; if it was port 25 traffic from anywhere else it would then get blocked. If it was any other sort of traffic it would progress onto 3, which would allow all. Is that how it works? I understand the subtle difference as to how mine are set up. So if it finds a rule that applies to it, it stops processing any more rules? Is there any way to test port 25 traffic? Can I try telnet on port 25 from a workstation to an outside address and see if it connects? If it fails, can I assume that it is being blocked?
LVL 16

Expert Comment

by:btassure
ID: 22787723
Yes to every question :o) That's how pretty much all firewalls work. And yes, telnet to port 25 on an upstream mail server. If it lets you in then it isn't blocked, otherwise your blocks are working.
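The first-match behaviour confirmed above, and the two rule layouts from the accepted solution and the author's table, as an added example that is not part of the thread or of SonicWall's software. It models a top-down rule walk and assumes the ranges given in the question (10.0.0.1-50, 10.0.0.52-254, server at 10.0.0.51); the packets are constructed.

```python
from ipaddress import IPv4Address

# Each rule: (first source IP, last source IP, destination port or None for any service, action).
# Rules are walked top to bottom and the first match decides; later rules are never consulted.
def rule(first, last, port, action):
    return (IPv4Address(first), IPv4Address(last), port, action)

ANY_FIRST, ANY_LAST = "0.0.0.0", "255.255.255.255"

# The asker's layout: two deny ranges around the server, then allow any/any (ranges assumed from the question).
ASKER_RULES = [
    rule("10.0.0.1", "10.0.0.50", 25, "deny"),
    rule("10.0.0.52", "10.0.0.254", 25, "deny"),
    rule(ANY_FIRST, ANY_LAST, None, "allow"),
]

# The accepted answer's layout: permit the mail server, deny everyone else on 25, allow the rest.
EXPERT_RULES = [
    rule("10.0.0.51", "10.0.0.51", 25, "allow"),
    rule(ANY_FIRST, ANY_LAST, 25, "deny"),
    rule(ANY_FIRST, ANY_LAST, None, "allow"),
]

def evaluate(rules, src_ip, dst_port, default="deny"):
    """Return the action of the first rule matching the packet, or the default if none match."""
    src = IPv4Address(src_ip)
    for first, last, port, action in rules:
        if first <= src <= last and (port is None or port == dst_port):
            return action  # first match wins
    return default

def compare(rules_a, rules_b, packets):
    """Return the packets on which two rule sets disagree (empty list means they behave the same)."""
    return [p for p in packets if evaluate(rules_a, *p) != evaluate(rules_b, *p)]

# Constructed sample packets: (source IP, destination port).
SAMPLE_PACKETS = [
    ("10.0.0.51", 25),   # Exchange server sending mail: should be allowed
    ("10.0.0.20", 25),   # workstation sending SMTP directly: should be denied
    ("10.0.0.200", 25),  # workstation in the top range: should be denied
    ("10.0.0.20", 80),   # ordinary web traffic: allowed by the any/any rule
    ("10.0.0.51", 443),  # non-SMTP traffic from the server: allowed
]

if __name__ == "__main__":
    for pkt in SAMPLE_PACKETS:
        print(pkt, "asker:", evaluate(ASKER_RULES, *pkt), "expert:", evaluate(EXPERT_RULES, *pkt))
    # Putting the allow any/any rule first (the asker's worry) lets every packet through.
    print("misordered:", evaluate(list(reversed(EXPERT_RULES)), "10.0.0.20", 25))
```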

Author Closing Comment

by:degoodwin
ID: 31508996
Thanks. Looks like it is working after I restarted the server. The rule changes didn't take till after restart.