Restrict Inbound SMTP Traffic

[mawilson]

I have a PIX 515 that I need to make some small changes to, but I am not exactly sure how to do what I need to. We have started using a 3rd party spam filtering service and I need to restrict our PIX to only accept smtp traffic from their servers.
Right now I have this entry in the PIX.
conduit permit tcp host x.x.x.x eq smtp any

Can I change it to
conduit permit tcp host x.x.x.x eq smtp x.x.x.1

and add a line like it for every ip address I need to allow? Or is there a different way to do it.

Thanks

Mark

 

[lgarner]

I think the conduit syntax calls for <foreign ip>, then <local ip>. So, I'd try

conduit permit tcp host <3rd party> eq smtp host <local ip>

 

[ChrisAC]

It would be;

conduit permit tcp host <your_server> eq smtp host <spam_filter>

So you are really just changing the "any" bit of the existing conduit to "host x.x.x.x" for each host you want to permit smtp from.

Chris.

**********************
Chris A.C, CCNA, CCSA
**********************