Restricting port SMTP 25

Hi Geniuses,

simply one here but just wanting to get some clarify the changes I have made to our firewall are correct.

I am wanting to restrict access to SMTP port 25 to potentially prevent future SPAM attacks, and we are currently using a Cisco RV042 as our firewall and I have modified the access rule for SMTP port 25 as follows:

Source Interface: LAN
Source IP: Any
Destination IP: IP address of the Exchange server

Mail flows fine using the above config, but like I said I am just wanting to confirm that the above is correct in terms of correctly locking down the port?

If anyone has any further tips and or advice that would be greatly appreciated.

Thanks,
Adrian
Adma1Asked:
Who is Participating?
 
Syed_M_UsmanSystem AdministratorCommented:
no you should be able to send and recive email but only VIA EXCHANGE server...

Allow rule gould be above deny rule in the firewall priority... refer to below example
LAN to WAN
if possible please provide santitized screen shot..
0
 
Syed_M_UsmanSystem AdministratorCommented:
Dear,

in any email server envoirment you have to protect your SMTP traffic by allowing traffic "ONLY" from your email server...
 
you need to create two rules by allowing SMTP traffic only for email server and deny all smtp traffic for other hosts... this will prevent any other Fake or infected host sending SMTP traffic outside...
 
Both Rule are from LAN to WAN...

Action: DENY
Service: SMTP (Send email)
Source: ANY
Destination: Any
Users Allowed: All, ok
Above Rule will prevent any fake user/email server sending email outside.

Action: Allow
Service: SMTP (Send email)
Source: Exchange Server IP
Destination: Any
Users Allowed: All, ok

The priority of Exchange SMTP Allow rule must be higher...
0
 
Manpreet SIngh KhatraSolutions Architect, Project LeadCommented:
Restrict Port 25 would mean no emails coming in and if you open port 25 just for Exchange thats what Firewalls are used to set ?

So not sure what are we trying exactly out here ?

- Rancy
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
Miguel Angel Perez MuñozCommented:
Spam is caused by faked email messages. Closing 25 tcp port block spam but legitimate email too. Better idea is setup any kind of antivirus and antispam solution on your mail server.
0
 
Syed_M_UsmanSystem AdministratorCommented:
Dear,

once you have email server in your envoirment you need to restrict SMTP only for Exchange to avoid fake user/servers sending email outside... as i mention in my previous post...
0
 
Adma1Author Commented:
Hi Syed,

thanks for your responses If I apply your suggested config as per below then we cannot send mail. any ideas?


Both Rule are from LAN to WAN...

Action: DENY
Service: SMTP (Send email)
Source: ANY
Destination: Any
Users Allowed: All, ok
Above Rule will prevent any fake user/email server sending email outside.

Action: Allow
Service: SMTP (Send email)
Source: Exchange Server IP
Destination: Any
Users Allowed: All, ok
0
 
Adma1Author Commented:
Thanks por 25 restriction is now working.
0
 
Syed_M_UsmanSystem AdministratorCommented:
Glad to know,,, please close the thread.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.