Deny all traffic except port 80 and 443 (https://mail.domain.com/)

Attiq
Level 1

Hello Experts,

Our company has a spam email problem. Users are getting spam from external sources. Basically, we are getting SMTP traffic in two ways. Below is the traffic flow.

1) SMTP relay agent (SMTP filtration) ==> Exchange server ==> user mailbox

2) directly Exchange server ==> users' mailbox

You may be thinking it's not related to this forum, but I have to configure ACLs to control this flow. The 1st direction is working fine, even detecting and rejecting the spam.

But the problem is in the 2nd flow, because the Exchange server is configured with auto discovery (SSL certificate handshake) for remote/mobile users, and this way we're getting spam because all the traffic is allowed. I'm trying to configure an ACL to deny all other traffic except ports 80 and 443 for the SSL certificate.

ACL 101

deny ip any host (exchange server ip)

permit tcp any host (exchange server ip) eq 80

permit tcp any host (exchange server ip) eq 443

apply router 800 interface 

ip access-group 101 in

Please share your suggestions.

Accepted Solutions

Philip D'Ath
VIP Alumni

Wrong order.

ACL 101

permit tcp any host (exchange server ip) eq 80

permit tcp any host (exchange server ip) eq 443

deny ip any host (exchange server ip)

apply router 800 interface 

ip access-group 101 in

@Philip

Thanks for the reply.

What will be the correct order?

The order that I supplied in my post/reply ...

Thanks @Philip

I'll try this and update later.
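
The ordering point from the accepted answer, as an added example that is not part of the original thread: a small Python model of first-match ACL evaluation run over both orderings, which also shows the implicit deny that IOS places at the end of every access list. The addresses 192.0.2.10 (standing in for "(exchange server ip)") and 192.0.2.20 are constructed, and the function names are hypothetical.

```python
from ipaddress import ip_address

EXCHANGE = "192.0.2.10"    # constructed stand-in for "(exchange server ip)"
OTHER_HOST = "192.0.2.20"  # constructed: another host reached through the same interface

# Each entry: (action, protocol, destination host, destination port or None).
# The source is "any" in every line of the thread's ACL, so it is not modelled.
ACL_AS_POSTED = [
    ("deny", "ip", EXCHANGE, None),
    ("permit", "tcp", EXCHANGE, 80),
    ("permit", "tcp", EXCHANGE, 443),
]
ACL_REORDERED = [
    ("permit", "tcp", EXCHANGE, 80),
    ("permit", "tcp", EXCHANGE, 443),
    ("deny", "ip", EXCHANGE, None),
]

def entry_matches(entry, proto, dst, dport):
    """True if the entry's protocol, destination host and port all cover the traffic."""
    _, e_proto, e_dst, e_port = entry
    return (e_proto in ("ip", proto)
            and ip_address(e_dst) == ip_address(dst)
            and e_port in (None, dport))

def evaluate(acl, proto, dst, dport=None):
    """Return (action, line). The first matching line wins; line 0 is the implicit deny."""
    for line, entry in enumerate(acl, start=1):
        if entry_matches(entry, proto, dst, dport):
            return entry[0], line
    return "deny", 0  # IOS ends every access list with an implicit "deny ip any any"

def shadowed(acl):
    """Lines that can never be hit because an earlier line already matches their traffic."""
    dead = []
    for line, (_, proto, dst, port) in enumerate(acl, start=1):
        if any(entry_matches(prev, proto, dst, port) for prev in acl[:line - 1]):
            dead.append(line)
    return dead

if __name__ == "__main__":
    for name, acl in (("as posted", ACL_AS_POSTED), ("reordered", ACL_REORDERED)):
        print(name, "shadowed lines:", shadowed(acl))
        for pkt in (("tcp", EXCHANGE, 443), ("tcp", EXCHANGE, 25), ("tcp", OTHER_HOST, 25)):
            print("  ", pkt, "->", evaluate(acl, *pkt))
```

With the reordered list, traffic to any other host arriving on that interface falls through to the implicit deny, so an interface that also carries traffic for other hosts needs a final permit entry for it.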
