GroupStudy.com GroupStudy.com - A virtual community of network engineers
 Home  BookStore  StudyNotes  Links  Archives  StudyRooms  HelpWanted  Discounts  Login
Re: blocking spam with cisco routers [7:48971] posted 07/17/2002
[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]


Brad Ellis wrote:
> 
> Yup, use an access list filtering IPs on port 25 (only allow
> yours through)

Yes, but, other SMTP servers for legitimate reasons are also going to be
opening TCP sessions to port 25 because they have e-mail to send to your
users. It's not as easy as it sounds.

I guess it depends on the ISP's network architecture too. We have a
challenge where I work in that our users are on cable modems that connect to
the cable provider (which isn't technically us). Their e-mail requests come
into our network on the same interface that all Internet traffic comes in on.

Priscilla


> 
> thanks,
> -Brad Ellis
> CCIE#5796 (R&S / Security)
> bellis@xxxxxxxxxx
> Cisco home labs:  www.optsys.net
> ""GEORGE""  wrote in message
> news:200207162256.WAA06245@xxxxxxxxxxxxxxxxx
> > Hi all I have a question ,I configured my e-mail server to
> only accept
> > local e-mail, and deny other relay , however im still
> vulnerable to
> > spam. My question is how do the ips block other e-mail going
> to their
> > smtp
> > Do they do it by access-list? Allowing only the local network
> with port
> > 25?
> > Or just the e-mail server?
> > If cisco routers have to be involved does anyone have some
> links. Im
> > behind a pix and would like to allow only my network to use
> smtp.
> 
> 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48989&t=48971
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to abuse@xxxxxxxxxxxxxx