
How can I Block port 25

zodell
Level 1

I want to block all smtp traffic from my customers except for packets destined for my mail server and my mail server only. I would like to do this at the edge and not at the core. I put in the following ACL, but it blocked all smtp traffic.

access-list 115 permit tcp any eq smtp 192.168.0.0 0.0.0.255

access-list 115 deny tcp any eq smtp any

access-list 115 permit ip any any

The reason that I want to do this is to cut down on spam reports to my upstream provider.

Any help would be appreciated.

2 Replies

peterledwidge
Level 1

access-list 110 permit tcp [customer subnet] [mask] host [your mail server] eq smtp

access-list 110 deny tcp any any eq smtp

access-list 110 permit ip any any

Example:

access-list 110 permit tcp 192.168.0.0 0.0.0.255 host 172.160.1 eq smtp

Ensure you apply the rule in the proper direction.

HTH

tstrosnider
Level 1

This is what I am running on my PIX:

access-list inside_access_out permit tcp host any eq smtp

access-list inside_access_out deny tcp any any eq smtp

Pretty much what it does is it blocks all mail outbound to the internet except from the mail server. I use this rule to deny any virus outbreak that installs a local mail engine and spams away; this way it will show up on my syslog, and I know immediately which workstation is infected. And no mail is sent out of the network unless it goes through the allowed IP.

Hope this helps.

Trevor
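
Added example, not written by any poster in this thread: a small first-match ACL evaluator in Python that runs the ACL from the question and the form from the first reply against the same packets. It shows that ACL 115 matches TCP source port 25, so a customer connection to an outside server's port 25 falls through to `permit ip any any`, while ACL 110 matches the destination port. The mail server address 192.0.2.25 and the packet addresses are constructed, and only the subset of ACL syntax used in this thread is parsed.

```python
import ipaddress

MAIL = "192.0.2.25"  # constructed mail server address (assumption)
ACL_115 = [  # as posted in the question
    "access-list 115 permit tcp any eq smtp 192.168.0.0 0.0.0.255",
    "access-list 115 deny tcp any eq smtp any",
    "access-list 115 permit ip any any",
]
ACL_110 = [  # shape from the first reply, customers in 192.168.0.0/24
    f"access-list 110 permit tcp 192.168.0.0 0.0.0.255 host {MAIL} eq smtp",
    "access-list 110 deny tcp any any eq smtp",
    "access-list 110 permit ip any any",
]

def parse_addr(tok):
    """Consume one address spec; return (matcher, remaining tokens)."""
    if tok[0] == "any":
        return (lambda ip: True), tok[1:]
    if tok[0] == "host":
        host = ipaddress.ip_address(tok[1])
        return (lambda ip: ipaddress.ip_address(ip) == host), tok[2:]
    base, wild = int(ipaddress.ip_address(tok[0])), int(ipaddress.ip_address(tok[1]))
    care = ~wild & 0xFFFFFFFF  # wildcard bits set to 1 are ignored
    return (lambda ip: int(ipaddress.ip_address(ip)) & care == base & care), tok[2:]

def parse_port(tok):
    # Optional "eq <port>"; its position decides source vs destination port.
    if tok[:1] == ["eq"]:
        return (25 if tok[1] == "smtp" else int(tok[1])), tok[2:]
    return None, tok

def parse_ace(line):
    tok = line.split()[2:]  # drop "access-list <number>"
    action, proto, tok = tok[0], tok[1], tok[2:]
    src, tok = parse_addr(tok)
    sport, tok = parse_port(tok)
    dst, tok = parse_addr(tok)
    dport, tok = parse_port(tok)
    return action, proto, src, sport, dst, dport

def evaluate(acl, proto, sip, sport, dip, dport):
    """First matching entry wins; an ACL ends with an implicit deny."""
    for action, p, src, sp, dst, dp in map(parse_ace, acl):
        if p in ("ip", proto) and src(sip) and dst(dip) \
                and sp in (None, sport) and dp in (None, dport):
            return action
    return "deny"

if __name__ == "__main__":
    for name, acl in (("115", ACL_115), ("110", ACL_110)):
        print(name, evaluate(acl, "tcp", "192.168.0.10", 40000, "198.51.100.7", 25))
```

The same evaluator can be pointed at a reply packet (source port 25) to see which direction each ACL actually filters before it is applied to an interface.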