FWSM Outbound SMTP rule not working

May 30th, 2007

I am trying to restrict outbound SMTP traffic to a single email server we have, but when I use the rule set below email is not being sent out. I am running FWSM version 2.3(3)2.

access-list INSIDE permit tcp host SERVER1 any eq 25
access-list INSIDE deny tcp any any eq 25

Any suggestions?


Jim Willson

carenas123 Thu, 06/07/2007 - 11:16

Just change the access list by reversing the source and destination of your first entry. It will block your entry, and apply this on the exit interface of your outside interface.

Jon Marshall Thu, 06/07/2007 - 11:21


Do you mean restrict outbound mail FROM a single e-mail server?

Where have you applied the access-list?


Fernando_Meza Thu, 06/07/2007 - 16:28

Hi .. assuming your SMTP server uses the standard 25 protocol .. then your access list is OK as long as it is being applied to the interface where the server resides. !!! NOTE: make sure the SMTP server has a DNS server configured for DNS resolution as well .. !!! i.e. perform an nslookup and test DNS resolution ..

Make sure to add a permit ip any any at the end, otherwise you would only allow SMTP outbound, blocking everything else.

I hope it helps .. please rate it if it does !!!
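Added example (not part of any post in this thread): a small Python model of first-match ACL evaluation with the implicit deny, run over the two entries from the question and over the same list with a trailing permit ip any any. The SERVER1 address and the sample packets are constructed, and the model assumes the list is applied inbound on the interface where the server resides.

```python
import ipaddress

# Constructed addresses (assumptions, not from the thread).
SERVER1 = "10.0.0.25"       # stands in for the name SERVER1
WORKSTATION = "10.0.0.50"   # any other inside host

# Rule = (action, protocol, source, destination port). Destination address is
# "any" in every entry under discussion, so it is not modelled.
THREAD_ACL = [
    ("permit", "tcp", SERVER1, 25),   # permit tcp host SERVER1 any eq 25
    ("deny", "tcp", "any", 25),       # deny tcp any any eq 25
]
WITH_TRAILING_PERMIT = THREAD_ACL + [("permit", "ip", "any", None)]

def evaluate(acl, proto, src, dport):
    """Return (action, index of matching entry); the first match wins."""
    for idx, (action, r_proto, r_src, r_dport) in enumerate(acl):
        if r_proto not in ("ip", proto):
            continue
        if r_src != "any" and ipaddress.ip_address(r_src) != ipaddress.ip_address(src):
            continue
        if r_dport is not None and r_dport != dport:
            continue
        return action, idx
    return "deny", None  # implicit deny that ends every access list

# Constructed sample traffic leaving the inside network.
SAMPLES = {
    "server SMTP": ("tcp", SERVER1, 25),
    "workstation SMTP": ("tcp", WORKSTATION, 25),
    "server DNS lookup": ("udp", SERVER1, 53),
    "workstation HTTP": ("tcp", WORKSTATION, 80),
}

def summarize(acl):
    """Map each sample flow to the action the list takes on it."""
    return {name: evaluate(acl, *pkt)[0] for name, pkt in SAMPLES.items()}

if __name__ == "__main__":
    for label, acl in (("two entries only", THREAD_ACL),
                       ("with permit ip any any", WITH_TRAILING_PERMIT)):
        print(label)
        for name, action in summarize(acl).items():
            print(f"  {name:18} {action}")
```

With only the two entries, the server's DNS lookup falls through to the implicit deny, so SMTP is permitted while the MX resolution it depends on is not.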

jimwi1965 Mon, 06/11/2007 - 03:54


Yes, my mail server uses port 25. It resides on the 'inside' interface, and I am applying the rule to outbound traffic only. I also have an allow ip any any at the end of the rule to allow all remaining traffic after the unwanted SMTP traffic has been blocked.

What do you mean by make sure I have a DNS server configured for it? If you mean MX records I am covered.

FWIW, this is an Exchange 2003 server.