07-13-2009 02:07 PM - edited 03-04-2019 05:25 AM
Hi,
We are a small ISP and we have a problem in one of our locations, we have a Router 2811 with 5Mb of internet and around 50 clients behind, the router in the WAN interface have a public IP and is doing NAT to the LAN interface of clients and the problem is that one or more clients PCs are sending spam to the internet and that's why the public IP of the WAN interface is too often in some DNSBLs or blacklist and some other clients when they send emails from they own domains doesn't arrive because it's say that the IP of the WAN interface is in a blacklist.
The question is, can we do something to prevent this without have to change the public IP????
07-13-2009 07:03 PM
With existing device/resources, the answer is no. Even if you keep changing the IP Address, the user will keep sending SPAM mail (intentional/unintentional).
You should take a look at Cisco IronPort http://www.ironport.com/
07-13-2009 08:40 PM
its possible to stop the spam mails by applying access-list which will allow the smtp port for only their mail server and deny the remaining.
where is your mail server located.
07-14-2009 03:01 PM
I agree. I'd block all outbound smtp except from specifically permitted IP addresses. Of course this means you'll need static addressing on the NAT side and need to apply the ACL to the "inside" interface.
-Chris
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: