Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

RVO42 PORT 25

I am having issues with my public IP being black listed.  This is something new, but the Comcast rep tells me they are seeing this more and more.  It seems that even if you aren't hosting your own email server, even your public IP at your location is carried in the message header and is subject to being blacklisted. With that in mind,  it looks as though I am going to have to start blocking port 25 for all outbound traffic with the exception of traffic bound for the  hosted email server (SMTP) out on the Internet.  Can this be done in the RVO42 and RVO82?

Looking forward to an answer to this and as I say, it sounds like this is something we all will have to start doing.              

5 REPLIES
Gold

RVO42 PORT 25

Kevin

Under Firewall-> Access Rules you can create a rule to block outbound traffic from your LAN to the WAN.

A better idea might be to run anti-malware/spam software on your computers to find out which one is sending SPAM. I had an issue like this several years ago and found that one of my PCs was sending thousands of SPAM emails per minute to random email addresses. I installed Norton Internet Security and it took care of it but it took a while.

- Marty

New Member

RVO42 PORT 25

Most ISP's, the people that provide your internet connection, most likely already block port 25 unless the email is being routed through their SMTP server anyway.   Plus there are other ports being used lik 465, 595, etc as alternate ports since ISP's tend to block 25.  The problem is likely on the PC of valid recipients which has spyware, malware that's been downloaded on it that read the incoming email header and contact list data.  Blocking port 25 on your router won't realistically accomplish anything.

Gold

RVO42 PORT 25

viningele,

I agree, I would focus on the device that is sending the SPAM.

- Marty

New Member

RVO42 PORT 25

It has been about a week and my customer is de-listed by all the spam sites I can find.  I have changed the port that they use to send email to their mail server out on the Internet and have blocked port 25 for all outbound traffic.  We also did scan all machines on the network and never found anything that seemed like the source of the spam. Nevertheless, one site I looked at reported the last instance of outbound spam on the same day that I blocked port 25. It would still be interesting to know if the RVOs can permit port 25 traffic to only one IP on the Internet. Oh, and for residential cable yes, I have seen where ISPs  block port 25 but for commerical Internet as is the case here, they can't really do that or it would shut down mail servers at  customer's location. It would also cause a problem if email were hosted on another provider out on the Internet as well.

Gold

RVO42 PORT 25

Kevin,

Create two Access Rules. The first one blocks all outbound traffic on port 25 and the second one allows outbound traffic on port 25 ONLY to a single destination IP. The second rule will override the first rule for that one IP.

- Marty

209
Views
0
Helpful
5
Replies