We have a Netscreen 5GT and I want to configure the firewall as per our company's best practice.
We have an Exchange server which obviously needs inbound and outbound port 25 traffic, but I want to ensure no other machine in our network can send SMTP traffic (to prevent a machine becoming a spam host).
So here's my config:
Router is on 192.168.1.253
Exchange is on 192.168.1.210
All other machines in DHCP scope are below this so I want this rule to apply to 192.168.1.1-192.168.1.209.
Also from 192.168.1.211-253 are our other servers that don't require SMTP either.
It's a fairly well established network and the firewall was configured by a former tech. Whilst I love playing, I don't really have a lot of time so if anybody knows how I can configure the rules quickly that would be great.