Restrict Outgoing SMTP to single host?

[dkraut]

To help reduce email worm propagation, I would like to restrict incoming and outgoing SMTP to a single host (our mail server). We already redirect all incoming SMTP to our mail server but I want restrict all outgoing SMTP to this same host. What commands would I need to add to the PIX515 v6.3 to accomplish this? I could not find any relevant info on the Cisco web site.

Thanks!

 

[bwilliam13]

You really need to post your current config so we can see it first.

 

[dkraut]

I understand but there's too much private info in there to post publicly. I can strip out a lot of the conf. info but it would save me some time of I knew which part of the config you really need?

 

[baddos]

Basically you want to create an access list and apply it to your inside interface. In the access-list, you'll first permit tcp port 25 for your email server, then deny tcp port 25 for every other ip.

Take a look at my FAQ faq35-2881.