10-18-2006 06:39 AM - edited 03-09-2019 04:35 PM
I need to limit outbound SMTP connections for internal hosts on a PIX 506e. I have to allow each host to make them, but after a host makes, say, 10 in a certain amount of time, I want to block it. This is for a Liberal Arts dorm network and the ISP is complaining about addresses from the dorm network sending spam. I can't block port 25 altogether as the other students will still need to send email. Any ideas? Basic PIX config, no static coming in, all NAT/PAT going out.
Thanks
10-18-2006 12:16 PM
A PIX is not made to do that. Control SMTP usage by hosting an SMTP server at your location and configuring the PIX to only allow that server SMTP out.
10-18-2006 01:49 PM
You should be able to block port 25 altogether unless you have an email server in the same subnet, in which case you would allow SMTP from the mail server and block it from everyone else. Clients do not send email on port 25 (or should not, ever). Clients connect to mail servers to send email, and they connect to the mail server using POP3 or a web interface, which are ports 110 or 80 respectively. Port 25 should always be blocked outbound from anything that is not a mail server.
Jason
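The restriction both replies describe, written out as an added example that is not part of the original posts. It assumes PIX 6.x syntax, an inside interface named `inside`, a hypothetical ACL name `inside_out`, and a constructed mail server address of 10.1.1.25.

```cisco
! Added example, not from the thread. ACL name and addresses are placeholders.
! 10.1.1.25 stands in for the on-site SMTP server (constructed value).

! 1. Only the local mail server may open outbound connections to TCP/25.
access-list inside_out permit tcp host 10.1.1.25 any eq smtp

! 2. Every other inside host is refused on TCP/25.
access-list inside_out deny tcp any any eq smtp

! 3. Everything else stays allowed. Without this line the implicit deny at
!    the end of the ACL would cut off all other outbound traffic once the
!    ACL is bound to the inside interface.
access-list inside_out permit ip any any

! 4. Apply the ACL to traffic entering the inside interface (outbound flows).
access-group inside_out in interface inside
```

After it is applied, `show access-list inside_out` lists a hit count per entry, so a rising count on the deny line shows that inside hosts are still attempting direct SMTP.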