SMTP Port 25

jasonjonkman · ‎07-23-2008

I recently signed up with MXLogic to filter SPAM.

They advised mt yo lock down my PIX 501 firewall to only accept incoming SMTP connections on port 25 to only IP ranges

208.65.144.0/21

208.81.64.0/22

How do I do this?

What entries do i need to add to my PIX?

Thanks in advance!

acomiskey · ‎07-23-2008

If you have an existing access list applied to your outside interface. Just add the following entries.

access-list permit tcp 208.65.144.0 255.255.248.0 255.255.255.255 eq smtp

access-list permit tcp 208.81.64.0 255.255.248.0 255.255.252.0 eq smtp

If not, just add those entries plus...

access-group in interface outside

jasonjonkman · ‎07-23-2008

ok, got it.

i see a "no fixup protocal smtp 25" entry.

For the entries above, does the "no" need to be removed? how do i remove that?

acomiskey · ‎07-23-2008

If you want to enable fixup smtp 25, you would simply do "fixup smtp 25". That will get rid of the "no".

jasonjonkman · ‎07-23-2008

if i remove the "no" does that enable/force smtp port 25 traffic to go through the entries for MXLogic i entered?

does the "no" entry disable the entries i entered?