Re: Restrict incoming smtp by IP address

Tech-Archive recommends: Fix windows errors by optimizing your registry

Click "Accept only" and enter only the IP address of the SMTP server that
will be sending your incoming mail.
--
Ed Crowley
MVP - Exchange
"Protecting the world from PSTs and brick backups!"

"Don Murphy" <murpy@xxxxxxxxxxxxxxx> wrote in message
news:OWaOe2JyHHA.5204@xxxxxxxxxxxxxxxxxxxxxxx
Is it still possible to deny all in connection filtering somehow?


"John Oliver, Jr. [MVP]" <jcoliverjr@xxxxxxxxxxx> wrote in message
news:BBBD0D55-5EFD-4EAD-9954-CF329247809B@xxxxxxxxxxxxxxxx
Don,

If you are using a Third Party Filtering service you will need to lock
down your Exchange Server to allow only connections from their filtering
servers. I am surprised they did not provide instructions or
documentation to explain this. You can accomplish this through your SMTP
Virtual Server- Access Tab- Connection Control. You will need to get a
list of Filtering Service IP Subnets from your filtering provider and
input them.

--
John Oliver, Jr
MCSE, MCT, CCNA
Exchange MVP 2007
Microsoft Certified Partner


"Don Murphy" <murpy@xxxxxxxxxxxxxxx> wrote in message
news:evrrBcIyHHA.5484@xxxxxxxxxxxxxxxxxxxxxxx
I see the accept and deny buttons. I also understand that accept
overides deny. How to I say deny all with the deny button. The
interface only allows for an IP or a subnet to be entered. What am I
missing?


I also don't understand the provider service you talk about below.

Thanks for your time.

Don Murphy



"Daniele Catanesi" <ehlomate@xxxxxxxxx> wrote in message
news:469C68A7.9070700@xxxxxxxxxxxx
Hello Don,

if I understood your issue the solution to your problem in escribed in
the KB article you mentioned in this section:

To deny delivery based on the IP address of the sending mail server,
follow these steps:
1. On the Connection Filtering tab, click Deny, and then click Add.
2. Click Single IP Address to add one IP address, or click Group of IP
Addresses to add a whole subnet.

Note The global accept list overrides the global deny list. If you use
the global accept list or the global deny list in combination with a
provider service, Exchange 2003 appropriately accepts or denies the
connection and does not check any connection filter rules.

Cheers, Daniele.


--
Daniele Catanesi
MCT, MCSE, MCSA
Please reply to the newsgroup so that all may benefit

MSN : daniele.catanesi@xxxxxxxxx
Blog : ehlomate.blogspot.com
Blog : msexchangehell.blogspot.com (Italian)
mail : ehlomate#SNIPTHIS#@gmail.com







.

Quantcast