Prevent spam before router

Unanswered Question
Jul 13th, 2009
User Badges:


We are a small ISP and we have a problem in one of our locations, we have a Router 2811 with 5Mb of internet and around 50 clients behind, the router in the WAN interface have a public IP and is doing NAT to the LAN interface of clients and the problem is that one or more clients PCs are sending spam to the internet and that's why the public IP of the WAN interface is too often in some DNSBLs or blacklist and some other clients when they send emails from they own domains doesn't arrive because it's say that the IP of the WAN interface is in a blacklist.

The question is, can we do something to prevent this without have to change the public IP????

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Danilo Dy Mon, 07/13/2009 - 19:03
User Badges:
  • Blue, 1500 points or more

With existing device/resources, the answer is no. Even if you keep changing the IP Address, the user will keep sending SPAM mail (intentional/unintentional).

You should take a look at Cisco IronPort

k.hariharan1 Mon, 07/13/2009 - 20:40
User Badges:

its possible to stop the spam mails by applying access-list which will allow the smtp port for only their mail server and deny the remaining.

where is your mail server located.

reachonenetadm Tue, 07/14/2009 - 15:01
User Badges:

I agree. I'd block all outbound smtp except from specifically permitted IP addresses. Of course this means you'll need static addressing on the NAT side and need to apply the ACL to the "inside" interface.



This Discussion