Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
785
Views
0
Helpful
2
Replies

Prevent spam before router

elelvis19
Level 1
Level 1

‎07-13-2009 02:08 PM

Hi,

We are a small ISP and we have a problem in one of our locations, we have a Router 2811 with 5Mb of internet and around 50 clients behind, the router in the WAN interface have a public IP and is doing NAT to the LAN interface of clients and the problem is that one or more clients PCs are sending spam to the internet and that's why the public IP of the WAN interface is too often in some DNSBLs or blacklist and some other clients when they send emails from they own domains doesn't arrive because it's say that the IP of the WAN interface is in a blacklist.

The question is, can we do something to prevent this without have to change the public IP????

Labels:
0 Helpful
2 Replies 2

Collin Clark
VIP Alumni
VIP Alumni

‎07-14-2009 01:24 PM

You bet. Apply an ACL on the LAN interface denying the end users SMTP access but allowing your mail server. Assume your mail server is 192.168.1.5.

ip access-list extended FILTER_OUTBOUND

permit tcp host 192.168.1.5 any eq 25

deny tcp any any eq 25 log (log is optional)

permit ip any any

interface fa0/1

ip access-group FILTER_OUTBOUND in

Hope that helps.

0 Helpful

Pavel Bykov
Level 5
Level 5

‎07-20-2009 05:53 AM

Also, there are professional solutions from Cisco, such as IRONPORT, that will solve the problem for you based on the complex scores of the traffic. We use them and I have nothing but praise for them. Also, the licensing is very attractive.

0 Helpful
Customers Also Viewed These Support Documents