I need to limit outbound SMTP connections for internal hosts on a PIX 506e. I have to allow each host to make them, but after a host makes, say, 10 in a certain amount of time, I want to block it. This is for a Liberal Arts dorm network and the ISP is complaining about addresses from the dorm network sending spam. I can't block port 25 altogether as the other students will still need to send email... Any ideas? Basic PIX config, no static coming in, all NAT/PAT going out.
You should be able to block port 25 altogether unless you have an email server in the same subnet, in which case you would allow SMTP from the mail server and block it from everyone else. Clients do not send email on port 25 (or should not, ever). Clients connect to mail servers to send email, and they connect to the mail server using POP3 or a web interface, which are ports 110 or 80 respectively. Port 25 should always be blocked outbound from anything that is not a mail server.
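The threshold described in the question (a host making more than 10 outbound port-25 connections within a time window) can be checked against the firewall's connection syslog to identify which dorm hosts to investigate. This is an added example, not part of the original posts; the log line layout (modelled on PIX "Built outbound TCP connection" messages), the ISO timestamp prefix, the addresses and the function names are assumptions, and the sample lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed line layout: "<ISO timestamp> ... Built outbound TCP connection <id> for
# <if>:<dst>/<dport> (<mapped>) to <if>:<src>/<sport> (<mapped>)". Adjust to your logs.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) .*Built outbound TCP connection \d+ for "
    r"\S+:[\d.]+/(?P<dport>\d+) \([^)]*\) to \S+:(?P<src>[\d.]+)/\d+")

def smtp_offenders(lines, limit=10, window=timedelta(minutes=5)):
    """Return {internal_host: peak_count} for hosts that opened more than
    `limit` outbound port-25 connections inside any sliding `window`.
    Lines for a given host must be in time order."""
    recent = defaultdict(deque)   # host -> timestamps still inside the window
    peak = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["dport"] != "25":
            continue              # not a connection-built line, or not SMTP
        ts = datetime.fromisoformat(m["ts"])
        q = recent[m["src"]]
        q.append(ts)
        while ts - q[0] > window:  # drop connections older than the window
            q.popleft()
        if len(q) > limit:
            peak[m["src"]] = max(peak.get(m["src"], 0), len(q))
    return peak

def _line(sec, conn, src, dport):
    """Build one constructed sample log line `sec` seconds after 10:00:00."""
    ts = (datetime(2024, 1, 15, 10, 0) + timedelta(seconds=sec)).isoformat()
    return (f"{ts} %PIX-6-302013: Built outbound TCP connection {conn} for "
            f"outside:203.0.113.10/{dport} (203.0.113.10/{dport}) to "
            f"inside:{src}/{40000 + conn} (198.51.100.2/{40000 + conn})")

# Constructed sample data (documentation and private address ranges only).
SAMPLE = (
    [_line(i * 5, i, "10.1.1.23", 25) for i in range(12)]            # burst: 12 in one minute
    + [_line(i * 400, 100 + i, "10.1.1.40", 25) for i in range(12)]  # slow: one every 400 s
    + [_line(i, 200 + i, "10.1.1.55", 80) for i in range(30)]        # web traffic, ignored
)

if __name__ == "__main__":
    for host, count in smtp_offenders(SAMPLE).items():
        print(f"{host}: {count} SMTP connections within 5 minutes")
```
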