I'm trying to figure out how to block outbound smtp access except from my exchange server. Here is the ACL i developed.
ip access-list extended SMTP
permit tcp 10.10.152.200 0.0.0.255 any eq smtp
deny tcp any any eq smtp
permit ip any any
I thought i would apply it outbound (ip access-group SMTP out) on my inside interface but when i do that I can no longer accept connections inbound to the server. Where should I have this? Is something wrong with the ACL itself?