https://community.cisco.com/t5/network-security/blocking-on-pix/m-p/1347975#M749002 <P>Hi</P><P></P><P>We have some issues with emails and the domain gets blacklisted. I am thinking if there is some kind of virus on some computers which may be using port 25 to send smtp traffic. I was wondering if there is any way to configure the PIX for it to accept smtp traffic only from the mail servers and block any kind of smtp traffic from individual PCs. This is all on the LAN. I thought of creating ACLs on inside interface but I may have to create multiple ACLs and hard to manage.</P><P></P><P>And is there any way on the PIX to see the host IP or MAC which may be sending lot of SMTP traffic?</P><P></P><P>Please advise</P><P></P><P>Thanks</P> Mon, 11 Mar 2019 17:12:54 GMT techtips03 2019-03-11T17:12:54Z https://community.cisco.com/t5/network-security/blocking-on-pix/m-p/1347975#M749002 <P>Hi</P><P></P><P>We have some issues with emails and the domain gets blacklisted. I am thinking if there is some kind of virus on some computers which may be using port 25 to send smtp traffic. I was wondering if there is any way to configure the PIX for it to accept smtp traffic only from the mail servers and block any kind of smtp traffic from individual PCs. This is all on the LAN. I thought of creating ACLs on inside interface but I may have to create multiple ACLs and hard to manage.</P><P></P><P>And is there any way on the PIX to see the host IP or MAC which may be sending lot of SMTP traffic?</P><P></P><P>Please advise</P><P></P><P>Thanks</P> Mon, 11 Mar 2019 17:12:54 GMT https://community.cisco.com/t5/network-security/blocking-on-pix/m-p/1347975#M749002 techtips03 2019-03-11T17:12:54Z https://community.cisco.com/t5/network-security/blocking-on-pix/m-p/1347976#M749011 <HTML><HEAD></HEAD><BODY><P>You can use ACL to restrict only your e-mail server to sent traffic destined to tcp port 25 and block every one else.</P><P></P><P>access-l inside-acl permit tcp host x.x.x.x any eq 25</P><P>access-l inside-acl deny tcp any any eq 25</P><P>access-l inside-acl permit ip any any</P><P></P><P>The above acl will be applied IN on the inside interface where x.x.x.x is the private/inside IP address of your e-mail server.</P><P></P><P>Same thing can be done on the outside acl.</P><P>access-l outside-acl permit tcp any host y.y.y.y eq 25</P><P></P><P>meaning only y.y.y.y which is the translated/public address of the e-mail server.</P><P></P><P>You cannot use MAC address to block on a PIX/ASA/FWSM.</P><P></P><P>-KS</P></BODY></HTML> Sun, 21 Feb 2010 21:54:19 GMT https://community.cisco.com/t5/network-security/blocking-on-pix/m-p/1347976#M749011 Kureli Sankar 2010-02-21T21:54:19Z https://community.cisco.com/t5/network-security/blocking-on-pix/m-p/1347977#M749018 <HTML><HEAD></HEAD><BODY><P>Thank you</P></BODY></HTML> Wed, 24 Feb 2010 16:58:56 GMT https://community.cisco.com/t5/network-security/blocking-on-pix/m-p/1347977#M749018 techtips03 2010-02-24T16:58:56Z