It looks like you want to do packet filtering into the data portion of the packet. The source address is shown outside of the data portion of the packet not the sender name. I don't believe this is possible by a simple ACL. Plus if you were able to do this and you for some reason had a high volume of emails at one time you would DOS yourself because all of the routing processor time would be analying packets. You may want to look into a specific device for helping filter email.
I dont thinkso the ACL will help you in doing the above.
If your office is having the Firewall, you can setup the Mail Server in DMZ zone where the pop3 and smtp will be avalaible local for the LAN user's and the User's whoever is roaming will have access to Mail Server also via internet. Keeping in Mail Server in DMZ will avoid the outside traffic coming inside the LAN network.
By keeping the Mail Server in DMZ you no need to depend on the Internet from ISP. Keeping the Mail Server in ISP and accessing the mail's via ISP-Internet is not recommended.
I agree with the previous post. I don?t think that a layer-3 device is the right choice to perform layer-7 inspection and filtering. I?ve worked with firewalls that have a feature named "resource inspection". If you apply that functionality to your SMTP (or pop3) rules, you can prevent your inside zone to send mails to your own domain. I have not seen PIXES do this but I would bet they can. On the other hand, with a little work you might be able to obtain the same result using a linux box inside your lan and let IT become yoour application firewalls. This functionality is part of a mail relay in itself.
Whatever option yoou take, I suggest you stop thinking of ACLS as the solution for your problem and (as previously suggested) consider adding an element capable of layer-7 inspection on your network.
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...