
Changing port 25 and 110 in PIX 515E

richnyguy66
Level 1

We want to change these two ports to another number in our PIX 515E. We are using it for incoming and outgoing email. Can someone help in what we would change? Thanks so much!!!

10 Replies

itchampnz
Level 1

Are you changing the port on your mail server as well? If so, then you just need to change your ACL entry to the new port. If, however, you are wanting to 'nat' the port, this is different... Which one are you doing?

jackko
Level 7

static (inside,outside) tcp <outside_ip> 10000 <mail_server_ip> 25 netmask 255.255.255.255 0 0

static (inside,outside) tcp <outside_ip> 10001 <mail_server_ip> 100 netmask 255.255.255.255 0 0

access-list 100 permit tcp any host <outside_ip> eq 10000

access-list 100 permit tcp any host <outside_ip> eq 10001

access-group 100 in interface outside

With the sample commands above, the remote user needs to point to TCP port 10000 for SMTP and TCP port 10001 for POP3.

Just to follow up on Jack's post...

After applying those statics and ACLs, save with: write mem and then issue: clear xlate, so that the new translations are active.

Jay

Just another observation...

On Jack's static for POP3, it should be port 110 rather than port 100 !!!

:o))

Thanks for pointing it out, so the sample should be:

static (inside,outside) tcp <outside_ip> 10000 <mail_server_ip> 25 netmask 255.255.255.255 0 0

static (inside,outside) tcp <outside_ip> 10001 <mail_server_ip> 110 netmask 255.255.255.255 0 0

access-list 100 permit tcp any host <outside_ip> eq 10000

access-list 100 permit tcp any host <outside_ip> eq 10001

access-group 100 in interface outside

I will try this out! Thanks to you guys for your help!!! I will let ya know how it goes.

just wondering how you go.

Hi there!

I am still having problems - What is happening is a machine is spamming out through our PIX. We are being blacklisted by Spamhaus and they have our firewall IP address. We are allowing all outbound traffic out. We want users to get to the Internet. Is there any way to block it or find out by a log file where it may be coming from? ANY suggestions would be appreciated! :)

Try this command on the PIX: "sh conn | in :25".

With the command above, the PIX will show all the current connections with port number 25. Then you may just observe the number of times an IP address appears, e.g. you may see a particular IP appear 100 times while another appears just 3 or 4 times.

However, this command will not yield any valuable result if the "naughty" host is spamming via the email server. The reason is that, from the PIX's point of view, all email traffic will originate from the email server, not the "naughty" host, so the PIX will not be able to track it down. In that case, you would need some sort of monitoring tool for the email server instead.
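The counting step described in the reply above, as an added example that is not part of the original thread: it tallies inside hosts that hold connections to an outside port of exactly 25, so lines that only match ":25" as a substring (port 2525, or inbound mail to the server) are not counted. The `sh conn` line layout, the sample lines and the mail server address 192.168.1.10 are assumptions constructed for the illustration.

```python
import re
from collections import Counter

# Constructed sample of `sh conn | in :25` output (assumed PIX 6.x line layout;
# RFC 1918 and documentation-range addresses, not real hosts).
SAMPLE = """\
TCP out 203.0.113.10:25 in 192.168.1.10:3412 idle 0:00:04 Bytes 5120 flags UIO
TCP out 198.51.100.7:25 in 192.168.1.57:1188 idle 0:00:01 Bytes 812 flags UIO
TCP out 198.51.100.9:25 in 192.168.1.57:1189 idle 0:00:01 Bytes 790 flags UIO
TCP out 203.0.113.44:25 in 192.168.1.57:1190 idle 0:00:02 Bytes 640 flags saA
TCP out 203.0.113.80:2525 in 192.168.1.23:4410 idle 0:00:09 Bytes 300 flags UIO
TCP out 198.51.100.200:4551 in 192.168.1.10:25 idle 0:00:03 Bytes 2048 flags UIOB
"""

# Assumed mail server address (hypothetical); this host is expected to send SMTP.
MAIL_SERVERS = {"192.168.1.10"}

# Matches "TCP out <outside_ip>:<port> in <inside_ip>:<port> ..."
CONN = re.compile(
    r"^TCP\s+\S+\s+(?P<out_ip>[\d.]+):(?P<out_port>\d+)\s+"
    r"\S+\s+(?P<in_ip>[\d.]+):(?P<in_port>\d+)"
)


def outbound_smtp_counts(text):
    """Count connections per inside host whose outside peer port is exactly 25."""
    counts = Counter()
    for line in text.splitlines():
        m = CONN.match(line.strip())
        # The "| in :25" filter is a substring match, so re-check the port here.
        if m and m["out_port"] == "25":
            counts[m["in_ip"]] += 1
    return counts


def suspects(text, mail_servers=MAIL_SERVERS):
    """Inside hosts sending SMTP directly to the Internet, busiest first,
    excluding the known mail servers."""
    return [(ip, n) for ip, n in outbound_smtp_counts(text).most_common()
            if ip not in mail_servers]


if __name__ == "__main__":
    for ip, n in suspects(SAMPLE):
        print(f"{ip}: {n} direct outbound SMTP connections")
```

If the spam is relayed through the mail server, only the server's own address shows up in this tally, which is the limitation the reply describes.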

Thanks! I will give that a try and see. Thanks again for all your help! :)
