?
Solved

Only allow incoming emails from specific IP range

Posted on 2009-07-13
5
Medium Priority
?
476 Views
Last Modified: 2012-05-07
I've recently implemented a hosted spam & virus filtering solution.  My MX record directs all email through this filter which then forwards the email to my exchange server.  I've noticed that some email gets through the filter by somehow sending the mail directly through to my IP address and bypassing the filter.  I was advised by their tech support to restrict all incoming email so that only mail coming from their two IP ranges would be accepted.  How do I configure this in my exchange server?

I am running exchange 2k3 on windows 2k3.
0
Comment
Question by:jer007
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 200 total points
ID: 24842132
Setup connection control on your default SMTP Virtual Server.
Open up Exchange System Manager, Expand Servers, Expand Your Server, Expand Protocosl, Expand SMTP.
Right-click on the default SMTP virtual server and choose properties.  Click on the Access tab and then on the Connection and then select Only the list below and add the IP's you want to allow.
0
 

Author Comment

by:jer007
ID: 24842162
Is there a way to add a range?  There are two sperate ranges with a total of 24 IP addresses each.  If possible, I'd rather not enter each one individually.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 24842173
You can add single addresses, a range of addresses, or by domain.
0
 

Author Comment

by:jer007
ID: 24842264
I'm not seeing how to enter a range.  There is the option of Single address, Group of computers which allows the subnet address & subnet mask, or domain.

I only have the address range.  It is xxx.xxx.xxx.0 - xxx.xxx.xxx.24.  Do I enter it that way in the Subnet address/mask fields?  I wasn't given any sort of subnet mask.
0
 
LVL 76

Assisted Solution

by:Alan Hardisty
Alan Hardisty earned 200 total points
ID: 24842336
Group of computers is the option to add a range but with the addresses you have, there is no easy way to add them as a group as there is no subnet mask that covers 0-24.
You could add xxx.xxx.xxx.0 with a subnet mask of 255.255.255.240 which covers from 0-15, but you would then have to add 16 - 24 manually.
It might be easier to just add them all one by one - a little boring, but then you can remove them one by one later if neede, which would be much easier.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

MS Outlook is a world-class email client application that is mainly used for e-communication globally.  In this article, we will discuss the basic idea about MS Outlook, its advanced features, and types of MS Outlook File formats.
Find out what you should include to make the best professional email signature for your organization.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
This video discusses moving either the default database or any database to a new volume.
Suggested Courses
Course of the Month9 days, 23 hours left to enroll

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question