02-21-2010 10:31 AM - edited 03-11-2019 10:12 AM
Hi
We have some issues with emails and the domain gets blacklisted. I am wondering if there is some kind of virus on some computers which may be using port 25 to send SMTP traffic. I was wondering if there is any way to configure the PIX to accept SMTP traffic only from the mail servers and block any kind of SMTP traffic from individual PCs. This is all on the LAN. I thought of creating ACLs on the inside interface, but I may have to create multiple ACLs, which would be hard to manage.
And is there any way on the PIX to see the host IP or MAC which may be sending a lot of SMTP traffic?
Please advise
Thanks
02-21-2010 01:54 PM
You can use an ACL to allow only your e-mail server to send traffic destined to TCP port 25 and block everyone else.
access-l inside-acl permit tcp host x.x.x.x any eq 25
access-l inside-acl deny tcp any any eq 25
access-l inside-acl permit ip any any
The above ACL will be applied IN on the inside interface, where x.x.x.x is the private/inside IP address of your e-mail server.
The same thing can be done on the outside ACL.
access-l outside-acl permit tcp any host y.y.y.y eq 25
meaning only y.y.y.y, which is the translated/public address of the e-mail server.
You cannot use a MAC address to block on a PIX/ASA/FWSM.
-KS
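On the question of which host is sending the SMTP traffic: once the deny entry above is in place, each blocked attempt can be counted per source IP from the firewall's syslog. The script below is an added example, not part of the original thread; it assumes the PIX logs ACL denies as message 106023 to a syslog file, that the ACL is named inside-acl as in the answer, and it runs on constructed sample lines.

```python
import re
from collections import Counter

# Constructed sample syslog (documentation addresses), not taken from the thread.
SAMPLE_LOG = """\
Feb 21 2010 14:02:11: %PIX-4-106023: Deny tcp src inside:192.168.1.57/1733 dst outside:198.51.100.20/25 by access-group "inside-acl"
Feb 21 2010 14:02:12: %PIX-4-106023: Deny tcp src inside:192.168.1.57/1734 dst outside:203.0.113.9/25 by access-group "inside-acl"
Feb 21 2010 14:02:15: %PIX-4-106023: Deny tcp src inside:192.168.1.23/2210 dst outside:198.51.100.20/25 by access-group "inside-acl"
Feb 21 2010 14:02:16: %PIX-4-106023: Deny tcp src inside:192.168.1.57/1735 dst outside:203.0.113.77/25 by access-group "inside-acl"
Feb 21 2010 14:02:19: %PIX-4-106023: Deny tcp src inside:192.168.1.57/1736 dst outside:198.51.100.20/25 by access-group "inside-acl"
Feb 21 2010 14:02:20: %PIX-4-106023: Deny tcp src dmz:172.16.5.8/3301 dst inside:192.168.1.10/445 by access-group "dmz-acl"
Feb 21 2010 14:02:21: %PIX-6-302013: Built outbound TCP connection 8841 for outside:198.51.100.20/25 (198.51.100.20/25) to inside:192.168.1.10/40211 (203.0.113.2/40211)
"""

# 106023 = packet denied by an ACL; capture source, destination, port, ACL name.
DENY_RE = re.compile(
    r"%(?:PIX|ASA)-4-106023: Deny tcp src [^:\s]+:(?P<src>[\d.]+)/\d+ "
    r"dst [^:\s]+:(?P<dst>[\d.]+)/(?P<dport>\d+) "
    r'by access-group "(?P<acl>[^"]+)"'
)

def smtp_deny_counts(log_text, acl="inside-acl", port=25):
    """Map each source IP to (denied attempts, distinct destinations), busiest first."""
    hits, dests = Counter(), {}
    for line in log_text.splitlines():
        m = DENY_RE.search(line)
        if not m or m["acl"] != acl or int(m["dport"]) != port:
            continue
        hits[m["src"]] += 1
        dests.setdefault(m["src"], set()).add(m["dst"])
    return {ip: (n, len(dests[ip])) for ip, n in hits.most_common()}

def suspects(log_text, min_attempts=3):
    """Hosts denied at least min_attempts times: candidates for malware cleanup."""
    return [ip for ip, (n, _) in smtp_deny_counts(log_text).items() if n >= min_attempts]

if __name__ == "__main__":
    for ip, (n, d) in smtp_deny_counts(SAMPLE_LOG).items():
        print(f"{ip}: {n} blocked SMTP attempts to {d} destinations")
```

A workstation that repeatedly hits the deny entry, especially toward many different destinations, is the one to inspect; the mail server itself never appears because its traffic matches the permit line.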
02-24-2010 08:58 AM
Thank you