Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Object Grouping or ACL for SMTP ACL for internal clients

Any recomondations on the best way to handle blocking smtp traffic that isn't originated from our exchange server for outbound traffic. We want to make sure that only our exchange is sending mail out so we were going to shut down any other machine from sending it out to the world so I'm wondering if we should use ACLs or Object Grouping? As always i appreciate the good advice.

1 REPLY

Re: Object Grouping or ACL for SMTP ACL for internal clients

To just allow your Exchange Server to go out with SMTP, you do not really need Object Groups, there is no adavantage of using it just more work. If you have muktiple hosts or ports for a single line then object groups are useful.

Example:

access-list inside permit tcp host ExchangeServer any eq 25

access-list inside deny tcp any any eq 25

access-list inside permit ip any any

access-group inside in interface inside

sincerely

Patrick

208
Views
0
Helpful
1
Replies
CreatePlease to create content