Solved

SMTP / Email server understanding

Posted on 2009-06-30
12
261 Views
Last Modified: 2013-11-30
Hello Experts,

I am trying to understand how the emails are been configured on our domain. This has previously done by one of the administrator who no longer work with us.

On all the clients machine, emails are configured on Microsoft Outlook by connecting to the POP server to send and receive emails. All I believe it does is download the emails from the POP3 server.

We have a dedicated server so no technical help I can get from my ISP on this.

On the server, I have got the "domain"  and server name  added under the default SMTP virtual server .

Then I have a POP3 service, where I can also see the same domain and when I click Server Name, the domain name comes up and upon clicking it, I get all the mailboxes listed in the right panel.

I now have been asked to change MX records and lock down the firewall for spam filtering.

Please can someone advise whether the setup I have described above is what is knows an on SMTP server?

How would I know if there is any firewall I can lock down?

Please advise

Thanks
S

0
Comment
Question by:newbie27
  • 6
  • 5
12 Comments
 
LVL 8

Assisted Solution

by:stefanx
stefanx earned 100 total points
ID: 24744079
Sounds like you have Exchange with a POP3 Connector that pulls mail from your ISP and then redistributes on Exchange. IF that is the case, then your ISP's mailserver is currently your MX record. When you change it to your server, you will have to make sure that the SMTP service is also running and that your Exchange will accept mail for the domain.

Personally, if your ISP does decent Anti-Virus and Anti-Spam, I would leave it like this because proper Anti-Spam and Anti-Virus is not a trivial matter and doing it on your own is a headache. I just guess that you wouldn't have been asked to do this if your ISP's Anti-Spam was any good ;)
0
 
LVL 7

Expert Comment

by:aamodt
ID: 24744081
do your company have an anti-spam firewall or an anti-spam software/hardware solution.

Firewalls can block incomming traffic from known spamming addressess / domains.
http://www.unixhub.com/block.html

here are one example of IP-range you want to block into your mail server.
sure if you know customers ect who lives in that part or have that IP-address range. you need to allow them.

search abit around on google after : banned IP's or something
0
 
LVL 8

Author Comment

by:newbie27
ID: 24744179
hello,

thanks for your input.

i thought we dont have exchange server setup on our dedicated 2003 web server.

this is something which i really need to understand, i have been advised to use messagelabs anti spam service ... and they asked me to change mx record and setup certain range of allowed ips to list ...

however, on the server i dont know whether any firewall is been set..

please can someone advise how can i find the firewall?

0
 
LVL 7

Expert Comment

by:aamodt
ID: 24744226
if you are useing server firewall .. it might be from :

checkpoint
comodo
norman

or something like that. Protection. but i guess you have a premimiter firewall at the start point of your network, and there you can block  spamming ip-addresses.

messagelabs anti spam service is software, so then you need to install it on the email server.

This is proberlly the best solution if you are not sure how the firewall is configured or where it is. your last administrator should have documented it like which systems and firewall solutions and so on the network contains.

but yeah install a anti spam service on the server and just update it with lastest patch and i think you are good to go. well spam will get into your network but you will stop it at the Server.

The best solution is to just drop it at your incomming network.

Hope this help you abit on your way :)

Regards Aamodt
0
 
LVL 8

Author Comment

by:newbie27
ID: 24744448
thanks again,

i cant find any of the above firewalls on the server ...

perhaps there are no firewall installed for the email server ... i have noticed that when I right click on the default SMTP virtual server under IIS, go to acces tab and when i click on  RELAY button I get few list of IP addresses which are in the allowed list ... perhaps this is the only way acting as a firewall?

does this makes sense?

Does the SMTP virtual server on IIS is actually a real SMTP server?

I need to tell the MessageLabs client whether we use SMTP server or not?

please advise
thanks
0
 
LVL 7

Accepted Solution

by:
aamodt earned 400 total points
ID: 24744547
Hey,

Yeah the allowlist in the IIS/SMTP server are abit like a simple firewall.  but i think your server does not have a software firewall then. your network router might have firewall configuration in it .. like Cisco : access-list or something like that.

best solution again is to try stopping spam  before it enter the network, but it is a more expencive solution because you need a anti-spam HW solution on the entrance of your network .. else try blocking some "BAD ip-addresses" in your Router/firewall.

The   best solution for you is probably installing a software anti-spam    /  Firewall solution so you just run it with the Mail server.


Yeah most possible it is a real virtual SMTP server, you can just try that by sending from a configured workstation. since i guess the server is up and running since your first question was how to adapt anti-spam / firewall to the mail server.

Yes you need to tell the anti-spam software what kind of protocol you are using and where the "mail server" is located .. in this case its probably POP3 and SMTP on localhost.

Regards Aamodt
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 8

Author Comment

by:newbie27
ID: 24744609
aamodt

thanks again for your input...

do i have to buy a firewall or its a freeware? if i have to install a firewall on the server with the above setup .. which one would you like to recommend?

please advise
thanks
0
 
LVL 7

Expert Comment

by:aamodt
ID: 24744695
We are using Checkpoints client firewall solutions aswell some of theirs HW solutions here in the company and out with the customers .

Checkpoint client firewalls works pretty well, highly configurable.
 
But i think you need to buy this "endpoint" solution from a provider of checkpoint products.

You have other solutions like : symantec and trend micro... those are good and has a large marked of the Security business.  but again you need to pay a small amount for these products, but you will also gain support on them if you have any  trouble setting things up in the future.

If you want something free, search a bit around on the web and read articles of the product and read if people that have tested it in a corp environment is happy about the product.

Regards Aamodt
0
 
LVL 8

Author Comment

by:newbie27
ID: 24744790
thanks,
i have got ZoneAlarm security suite installed on our clients PC and have got few spare licences..

can i use their firewall on the server?

should i install only the firewall and not the complete software on the server?

please advise
thanks
0
 
LVL 8

Author Comment

by:newbie27
ID: 24745084
this something i have been advised

Lock down your firewall:
Please place the following restrictions on your firewall after your MX changes have fully propagated. Only port 25 (also known as SMTP) traffic must be locked down to accept the IP addresses in the following link: Subnet IP
If you do not have a firewall, please make these changes to the mail server itself.


please can you advise me on this?

thanks
0
 
LVL 7

Expert Comment

by:aamodt
ID: 24746285
Yeah sure, install the firewall client on the server try to strip down most of it so only firewall Are installed / running. Then take an block all ports exept 25 and 110 (if you Are running pop as well) and add the different ip addresses to an accept list in the firewall software.

Regards Aamodt

PS :sending from mobile atm so dident want to type so much :) but i Think you can handle the rest
0
 
LVL 8

Author Comment

by:newbie27
ID: 24747050
ok let me try thanks
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
Hello Friends, My friends and relatives always ask me how to delete all the various types of emails at once in our g-mail  or windows live account.  So I researched this topic to find a unique solution to this query.  Here it is for those who do …
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now