RE: Firewall Configuration for SMTP
- From: "Wayne" <Wayne@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 16 Dec 2005 08:02:03 -0800
Hi, and thanks for getting back to me. I am using ISA server 2000 (ver 3)
and I am trying to restrict inbound smtp traffic. We have a filtering
service off site that the MX records point to, then they forward all email to
our exchange server. To prevent email bypassing this filter (by them sending
directly to our IP address) I need to only allow this traffic, which comes
from two ranges of IP addresses. If I go into the access policy -> IP packet
filters -> SBS smtp predefined typy -> allow, I am able to put in an IP and
Mask. I do nte see how I can put in more then one range here. In the latest
version you can specify as many ranges as you like. If I create two smtp
filters for incoming traffic, one for each range, will this end up blocking
all traffic?
Thanks - Wayne
""Crina Li"" wrote:
> Hi Wayne,
>
> Thank you for posting in SBS newsgroup.
>
> You said "need to lock down the firewall to only accept SMTP traffic from
> two networks", do you mean you are using ISA server 2000 and want to
> implement restriction on outbound SMTP traffic?
>
> If so, you can create computer sets for the particular subnets and create
> protocol rule to allow the requests from the computer sets.
>
> Hope it helps and I look forward to hearing from you.
>
> Best regards,
>
> Crina Li (MSFT)
>
> Microsoft CSS Online Newsgroup Support
>
> Get Secure! - www.microsoft.com/security
>
> =====================================================
> This newsgroup only focuses on SBS technical issues. If you have issues
> regarding other Microsoft products, you'd better post in the corresponding
> newsgroups so that they can be resolved in an efficient and timely manner.
> You can locate the newsgroup here:
> http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
>
> When opening a new thread via the web interface, we recommend you check the
> "Notify me of replies" box to receive e-mail notifications when there are
> any updates in your thread. When responding to posts via your newsreader,
> please "Reply to Group" so that others may learn and benefit from your
> issue.
>
> Microsoft engineers can only focus on one issue per thread. Although we
> provide other information for your reference, we recommend you post
> different incidents in different threads to keep the thread clean. In doing
> so, it will ensure your issues are resolved in a timely manner.
>
> For urgent issues, you may want to contact Microsoft CSS directly. Please
> check http://support.microsoft.com for regional support phone numbers.
>
> Any input or comments in this thread are highly appreciated.
>
> =====================================================
>
> This posting is provided "AS IS" with no warranties, and confers no rights.
> --------------------
> | Thread-Topic: Firewall Configuration for SMTP
> | thread-index: AcYBzn8A1jOJgh2BTp2zinOwJV71aA==
> | X-WBNR-Posting-Host: 208.200.82.13
> | From: "=?Utf-8?B?V2F5bmU=?=" <Wayne@xxxxxxxxxxxxxxxxxxxxxxxxx>
> | References: <BCD27378-4CF5-41B5-963D-26E29C0B204E@xxxxxxxxxxxxx>
> | Subject: RE: Firewall Configuration for SMTP
> | Date: Thu, 15 Dec 2005 15:23:03 -0800
> | Lines: 15
> | Message-ID: <7F3555BB-1B42-44E7-B324-02D8F1DF5BA9@xxxxxxxxxxxxx>
> | MIME-Version: 1.0
> | Content-Type: text/plain;
> | charset="Utf-8"
> | Content-Transfer-Encoding: 7bit
> | X-Newsreader: Microsoft CDO for Windows 2000
> | Content-Class: urn:content-classes:message
> | Importance: normal
> | Priority: normal
> | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
> | Newsgroups: microsoft.public.windows.server.sbs
> | NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
> | Path: TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
> | Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.windows.server.sbs:230527
> | X-Tomcat-NG: microsoft.public.windows.server.sbs
> |
> | PS, I do not have the latest version of ISA server, on which this is an
> easy
> | configuration, but the previous version.
> | Thanks !
> |
> |
> | "Wayne" wrote:
> |
> | > Hi,
> | > I am running SBS2003 premium, ISA installed, and need to lock down the
> | > firewall to only accept SMTP traffic from two networks. When I go to
> look at
> | > the existing rule it is wide open, but it does look like I can restrict
> it to
> | > a single subnet. How can I allow two different subnets to send SMTP
> traffic?
> | > If I create 2 rules, one for each subnet will they end up blocking
> each
> | > other?
> | > Thanks - Wayne
> |
>
>
.
- Follow-Ups:
- RE: Firewall Configuration for SMTP
- From: "Crina Li"
- RE: Firewall Configuration for SMTP
- References:
- RE: Firewall Configuration for SMTP
- From: "Crina Li"
- RE: Firewall Configuration for SMTP
- Prev by Date: Re: 2 nics
- Next by Date: strage stuff n GP management
- Previous by thread: RE: Firewall Configuration for SMTP
- Next by thread: RE: Firewall Configuration for SMTP
- Index(es):
Relevant Pages
|
