Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

SMTP problem

Status
Not open for further replies.
cmptrnerd

cmptrnerd

IS-IT--Management
Aug 11, 2001
255
0
0
US
We have a possible pc affected with spyware that is sending SMTP mail. We also have an internal mail server and our ISP is reporting a lot of SMTP activity. I want to add an acl to only allow smtp mail internally from our 192.168.0.1.

Can anyone help me to get this command correct.



Mark
 
Sort by date Sort by votes
Also is there a way to monitor the SMTP traffic on the PIX since this would allow us to find the problem workstations.



Mark
 
Upvote 0 Downvote
add an outbound ACL

access-list outbound permit tcp host [IP of internal Mail server] any eq 25
access-list outbound deny tcp any any eq 25 log
access-list outbound permit ip any any

access-group outbound in interface inside

When you check your logs there will be entries for the SMTP offenders.

Brent
Systems Engineer / Consultant
CCNP, CCSP
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

ITSUPPORTIT
  • Locked
  • Question
VPN from ASA 5510 and RV215W problem
Replies
0
Views
41
ITSUPPORTIT
ITSUPPORTIT
wrighbr1
  • Locked
  • Question
Cisco ASA 5505 site to site VPN problem
Replies
0
Views
36
wrighbr1
wrighbr1
mattbarkerlfc
  • Locked
  • Question
Checkpoint 2200 subnet overlap problem
Replies
0
Views
39
mattbarkerlfc
mattbarkerlfc
sebd44
  • Locked
  • Question
sonicwall statistics problem
Replies
0
Views
28
sebd44
sebd44
kjurczok
  • Locked
  • Question
ASA 5515 9.2 port forwarding problem
Replies
0
Views
40
kjurczok
kjurczok

Part and Inventory Search

Sponsor

Back
Top