Solved

Block SMTP Traffic on SonicWall PRO3060 Enhanced OS

Posted on 2009-07-16
4
1,685 Views
Last Modified: 2013-11-30
On a Sonicwall Pro3060 with Enhanced OS, I need to block all smtp traffic, port 25 from going to WAN.  The only exception for that I need is for our e-mail server to allow for SMTP port 25.  I can't have workstations having ability to have SMTP enabled.

0
Comment
Question by:fireguy1125
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 4

Accepted Solution

by:
CreditSoupTech earned 500 total points
ID: 24869995
Just add an outbound rule denying from LAN to WAN Service SMTP: LAN-->WAN DENY 25
Then add a rule that allows LAN to WAN Source [Internal Mail Server IP] DESTINATION [ANY] Service 25: LAN-->WAN Source x.x.x.x Destination ANY 25

Is that clear enough?  
0
 
LVL 1

Author Comment

by:fireguy1125
ID: 24870126
Thanks, I was putting in the Destination as "WAN Subnets".  When I changed it to ANY I tested and works.

I always get confused with all the Address Groups that SonicWall has.
0
 
LVL 4

Expert Comment

by:CreditSoupTech
ID: 24870220
Yeah. WAN Subnets is just your WAN address's or your public IP's assigned to the WAN subnet.
0
 

Expert Comment

by:ethernet69
ID: 33378318
very helpful...thanks for the explanation.

Brian
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question