Limit Outbound smtp to single destination?

mingtmak · Jun 2, 2008

Company uses hosted mail service. There seems to be an offending PC that is infected with a trojan which is sending out email and getting them blacklisted.

from thread35-1346401, there were ACLs that limit smtp traffic from a single mail server.

To limit all internal clients to send to only one mail server on the internet, would the acls be the opposite (without blocking any other traffic)?

access-list outbound permit tcp any host [IP of external mail server] eq 25
access-list outbound deny tcp any any eq 25 log
access-list outbound ip any any

access-group outbound in interface inside

Thanks in advance for the confirmation.

- Jon

Sutibu · Aug 12, 2008

Is there a way to do this for the 515e? The commands above look to be for the 501. In our config we have it listed as such:

access-list access_out extended permit tcp any host (ip address) eq (port)

And is there a way to do this via ADSM or does it have to be command line?

Thanks in advance...

Steve

Supergrrover · Aug 12, 2008

You can do it via the PDM/ASDM.
Cisco doesn't have any decent examples of the PDM anymore but you can try this. It gives a decent run through and the ideas -

http://www.netcraftsmen.net/welcher/papers/pdm.html

Brent
Systems Engineer / Consultant
CCNP, CCSP

Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Limit Outbound smtp to single destination?

mingtmak

Technical User

Sutibu

IS-IT--Management

Supergrrover

IS-IT--Management

Similar threads

Part and Inventory Search

Sponsor