- A virtual community of network engineers
 Home  BookStore  StudyNotes  Links  Archives  StudyRooms  HelpWanted  Discounts  Login
Re: blocking spam with cisco routers [7:48971] posted 07/17/2002
[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]

Brad Ellis wrote:
> Yup, use an access list filtering IPs on port 25 (only allow
> yours through)

Yes, but, other SMTP servers for legitimate reasons are also going to be
opening TCP sessions to port 25 because they have e-mail to send to your
users. It's not as easy as it sounds.

I guess it depends on the ISP's network architecture too. We have a
challenge where I work in that our users are on cable modems that connect to
the cable provider (which isn't technically us). Their e-mail requests come
into our network on the same interface that all Internet traffic comes in on.


> thanks,
> -Brad Ellis
> CCIE#5796 (R&S / Security)
> bellis@xxxxxxxxxx
> Cisco home labs:
> ""GEORGE""  wrote in message
> news:200207162256.WAA06245@xxxxxxxxxxxxxxxxx
> > Hi all I have a question ,I configured my e-mail server to
> only accept
> > local e-mail, and deny other relay , however im still
> vulnerable to
> > spam. My question is how do the ips block other e-mail going
> to their
> > smtp
> > Do they do it by access-list? Allowing only the local network
> with port
> > 25?
> > Or just the e-mail server?
> > If cisco routers have to be involved does anyone have some
> links. Im
> > behind a pix and would like to allow only my network to use
> smtp.

Message Posted at:
FAQ, list archives, and subscription info:
Report misconduct and Nondisclosure violations to abuse@xxxxxxxxxxxxxx