Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Block outbound smtp traffic

Status
Not open for further replies.
mastang13

mastang13

MIS
Jun 9, 2003
26
0
1
US
I'm attempting to block all outbound smtp except from one computer on the inside with the following acl but it's not working. I have a few internal computers that are generating ramdom smtp emails to the internet(may be infected with virus) and would like to stop at pix.

access-list 101 permit tcp host 10.1.0.12 eq smtp any
access-list 101 deny tcp any eq smtp any
access-list 101 permit ip any any
access-group 101 in interface inside
 
Sort by date Sort by votes
Remember that the source machine is leaving on a random port but requesting the destination machine to answer on port 25(smtp). Below is how it should look.


access-list 101 permit tcp host 10.1.0.12 any eq smtp
access-list 101 deny tcp any any eq smtp
access-list 101 permit ip any any
access-group 101 in interface inside
 
Upvote 0 Downvote
I misread your post originally. I thought your machines were connecting to external mail servers on port 25. Your original access-list should work. Are you sure the source port is 25?
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

salanje87
  • Locked
  • Question
Block Broadcast storming.
Replies
3
Views
114
hairlessupportmonkey
hairlessupportmonkey
Russtoleum
  • Locked
  • Question
SW GVC won't route traffic through sonicwall to offsite tunnel unless it leases an ip on the same su
Replies
1
Views
60
Russtoleum
Russtoleum
jfp23
  • Locked
  • Question
ASA 5512x 9.3 version Outbound connection issues
Replies
0
Views
38
jfp23
jfp23
negley97
  • Locked
  • Question
XTM505 - would like to block all smtp traffic out except for Exchange server
Replies
2
Views
53
negley97
negley97
xylax
  • Locked
  • Question
Redirecting HTTP traffic from INSIDE to OUTSIDE using ASA NATs
Replies
0
Views
31
xylax
xylax

Part and Inventory Search

Sponsor

Back
Top