Adma1
asked on
Restricting port SMTP 25
Hi Geniuses,
simply one here but just wanting to get some clarify the changes I have made to our firewall are correct.
I am wanting to restrict access to SMTP port 25 to potentially prevent future SPAM attacks, and we are currently using a Cisco RV042 as our firewall and I have modified the access rule for SMTP port 25 as follows:
Source Interface: LAN
Source IP: Any
Destination IP: IP address of the Exchange server
Mail flows fine using the above config, but like I said I am just wanting to confirm that the above is correct in terms of correctly locking down the port?
If anyone has any further tips and or advice that would be greatly appreciated.
Thanks,
Adrian
simply one here but just wanting to get some clarify the changes I have made to our firewall are correct.
I am wanting to restrict access to SMTP port 25 to potentially prevent future SPAM attacks, and we are currently using a Cisco RV042 as our firewall and I have modified the access rule for SMTP port 25 as follows:
Source Interface: LAN
Source IP: Any
Destination IP: IP address of the Exchange server
Mail flows fine using the above config, but like I said I am just wanting to confirm that the above is correct in terms of correctly locking down the port?
If anyone has any further tips and or advice that would be greatly appreciated.
Thanks,
Adrian
Restrict Port 25 would mean no emails coming in and if you open port 25 just for Exchange thats what Firewalls are used to set ?
So not sure what are we trying exactly out here ?
- Rancy
So not sure what are we trying exactly out here ?
- Rancy
Spam is caused by faked email messages. Closing 25 tcp port block spam but legitimate email too. Better idea is setup any kind of antivirus and antispam solution on your mail server.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi Syed,
thanks for your responses If I apply your suggested config as per below then we cannot send mail. any ideas?
Both Rule are from LAN to WAN...
Action: DENY
Service: SMTP (Send email)
Source: ANY
Destination: Any
Users Allowed: All, ok
Above Rule will prevent any fake user/email server sending email outside.
Action: Allow
Service: SMTP (Send email)
Source: Exchange Server IP
Destination: Any
Users Allowed: All, ok
thanks for your responses If I apply your suggested config as per below then we cannot send mail. any ideas?
Both Rule are from LAN to WAN...
Action: DENY
Service: SMTP (Send email)
Source: ANY
Destination: Any
Users Allowed: All, ok
Above Rule will prevent any fake user/email server sending email outside.
Action: Allow
Service: SMTP (Send email)
Source: Exchange Server IP
Destination: Any
Users Allowed: All, ok
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks por 25 restriction is now working.
Glad to know,,, please close the thread.
in any email server envoirment you have to protect your SMTP traffic by allowing traffic "ONLY" from your email server...
you need to create two rules by allowing SMTP traffic only for email server and deny all smtp traffic for other hosts... this will prevent any other Fake or infected host sending SMTP traffic outside...
Both Rule are from LAN to WAN...
Action: DENY
Service: SMTP (Send email)
Source: ANY
Destination: Any
Users Allowed: All, ok
Above Rule will prevent any fake user/email server sending email outside.
Action: Allow
Service: SMTP (Send email)
Source: Exchange Server IP
Destination: Any
Users Allowed: All, ok
The priority of Exchange SMTP Allow rule must be higher...