russus
asked on
telnet smtp on port 25
Hi Experts
i am rookie on security and hope somebody could help.
it's a telnet question; if anybody does a telnet command "o www.mydomainname.com 25" they get connected to the dedicated server so i assume this is where the website is hosted.
but also when doing a telnet smtp.mydomainname.com 25, they also get connected. is this a flow on our network?
i read that i would need to block port 25, is this the solution to go forward?
we use web access, so blocking 25 on the firewall would affect our email?
we use an external email antivirus protection.
thank you for reading and appreciate your help
i am rookie on security and hope somebody could help.
it's a telnet question; if anybody does a telnet command "o www.mydomainname.com 25" they get connected to the dedicated server so i assume this is where the website is hosted.
but also when doing a telnet smtp.mydomainname.com 25, they also get connected. is this a flow on our network?
i read that i would need to block port 25, is this the solution to go forward?
we use web access, so blocking 25 on the firewall would affect our email?
we use an external email antivirus protection.
thank you for reading and appreciate your help
ASKER
thanks busbar, when i try to telnet my old work's smtp i get connection failed.
is there a way to restrict access or password protect telnet?
thank you
is there a way to restrict access or password protect telnet?
thank you
nop, maybe they changed the IP or something, but you can even telnet to hotmail and google and no way to work around it
if www.domain.com and smtp.domain.com point to the same External IP/internal server you are stuck as disabling one with stop the other too.
The WWW. and smtp. info in just a pointer to an IP. if they both point to the same IP address they are effectively the same connection.
If they are different servers/Ext IPs you should be able to set the firewall not to allow poert 25 traffic unless its on the correct IP.
The WWW. and smtp. info in just a pointer to an IP. if they both point to the same IP address they are effectively the same connection.
If they are different servers/Ext IPs you should be able to set the firewall not to allow poert 25 traffic unless its on the correct IP.
ASKER
the www and the smtp are on different external IPs. our emails go to an external spam filtering service, and we use web access. so what would happen if i block port 25 ?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
in exchange server under SMTP properties, option "forward all mail through this connector..." is ticked and the address is post2.emailfilteringservic e.com address. but not sure if im receiving them using SMTP/TLS or just SMTP. i'll call filter guys
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
thank you guys, i have asked our filtering service to send me their ip range then i will block port 25 from all connections except those ips.
thank you for your help
thank you for your help
for www.domain.com most probably your company that hosts the website is providing SMTP service so you can connect to their servers.
smtp.domain.com is your server and this is where your mail server resides, you don't want to block port 25 unless you don't want to receive internet email. this is correct and expected behavior