Block Outbound (not internal) SMTP for certain Computers

Status
Not open for further replies.

netadmin19355

IS-IT--Management
Dec 7, 2004
What I want to do seems like it should be easy but I can't seem to swing it. I want to be able to block outbound internet email for 2 COMPUTERS (not users) on my network. I still want these computers to be able to send internally though. How do I do this? I am running Exchange 2000. Any thoughts?

Thanks,
Wes
 
One more thing, these computers will not be using Outlook. I want them to block from ANY program that allows you to enter a mail server. Like a program that sends alerts out. I just want the alerts to go to internal users, not out to the internet.

Thanks,
Wes
 
I have no suggestions to block external mail based on computer name. By user, easy; to block all mail from a given PC, easy; but only outgoing mail by computer name... not so easy. What is your Exchange config? Do you have any other mail software running (anti-spam, mail AV scanners, etc.)? Maybe one of these can be set to prevent external mail from a given LAN IP...

Or maybe a script on the Exchange server that checks all mail from the LAN, and compares the PC IP address to a hard-coded list and then sends a blocked mail message back if the destination is not in the GAL?
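
The per-computer check suggested in the post above, as an added example that is not part of the original thread and not an Exchange feature. All function names are hypothetical, the IP addresses and domains are constructed sample values, and a list of internal domains is assumed in place of a GAL lookup.

```python
import ipaddress

# Constructed sample policy (assumptions): the two restricted PCs and the
# mail domains that count as "internal".
RESTRICTED_HOSTS = [ipaddress.ip_network("192.168.10.21/32"),
                    ipaddress.ip_network("192.168.10.22/32")]
INTERNAL_DOMAINS = {"example.local", "corp.example.com"}


def recipient_domain(rcpt):
    """Return the lower-cased domain of a RCPT TO address, or None if malformed."""
    addr = rcpt.strip().strip("<>").strip()
    local, sep, domain = addr.rpartition("@")  # last '@' separates the domain
    if not sep or not local or not domain:
        return None
    return domain.rstrip(".").lower()


def is_restricted(client_ip):
    """True if the connecting client is one of the restricted computers."""
    ip = ipaddress.ip_address(client_ip)
    return any(ip in net for net in RESTRICTED_HOSTS)


def check_rcpt(client_ip, rcpt):
    """Decide the SMTP reply (code, text) for one recipient from client_ip."""
    domain = recipient_domain(rcpt)
    if domain is None:
        return (501, "5.1.3 Bad recipient address syntax")
    # Exact match only: "example.local.outside.example" is NOT internal.
    if domain in INTERNAL_DOMAINS:
        return (250, "2.1.5 Recipient OK")
    if is_restricted(client_ip):
        return (550, "5.7.1 External recipients not permitted from this host")
    return (250, "2.1.5 Recipient OK")


def filter_message(client_ip, recipients):
    """Split a recipient list into (accepted, rejected) for this client."""
    accepted, rejected = [], []
    for rcpt in recipients:
        code, _ = check_rcpt(client_ip, rcpt)
        (accepted if code == 250 else rejected).append(rcpt)
    return accepted, rejected
```

The decision is made per recipient, so a message from a restricted computer addressed to both internal and external users is still delivered internally.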
 
I'd try to do this at the firewall if possible.

I have a Watchguard and simply set up a rule that only two systems can send email outbound. This also helps to stop mail viruses from triggering from within your domain.

I'm Certifiable, not cert-ified.
It just means my answers are from experience, not a book.
 
Actually every PC we are speaking of sends mail via one mail server, so the firewall rule is out. We need to do something via Exchange. I was thinking relaying permissions. Do you think that would work?

-Wes
 
If you're using Exchange for all email traffic, then internal email is MAPI, not SMTP. This means you could block outbound SMTP traffic (at your firewall) from all internal addresses except your Exchange box (a good practice anyways). This would also work if you're using a non-Outlook client to connect to an INTERNAL Exchange box. While you're at it, block POP3 and IMAP traffic as well.

If you're using something else to communicate with an outside SMTP server, then you can still create a DENY rule in many firewalls to deny outbound SMTP traffic from a specific IP address. YMMV

Pat Richard, MCSE(2) MCSA:Messaging, CNA(2)
 
Yes, but the problem is that all of these clients POINT to the one Exchange box so blocking at the FW wouldn't work. I need to do it via Exchange. I was thinking relaying, but was wondering if this would only block outgoing SMTP, not internal? I think that is the case.

-Wes
 
I may have misunderstood your requirements, then. Are you attempting to keep people from sending SMTP email via Exchange, or directly out your Internet connection? If it's the second, blocking at the firewall would work.

Pat Richard, MCSE(2) MCSA:Messaging, CNA(2)
 