blocking outbound port 25

This topic contains 3 replies, has 0 voices, and was last updated by  ksrimoungchanh 8 years, 4 months ago.

  • #42379

    Hello All:

    I have my default ZS firewall policy on ACCEPT/Forward. It currently does not have any rules on it. It seems that all sessions initiated from within the LAN are open.

    I want to block all traffic on port 25 except from the mail server. What is the best implementation for this?

    I also have VoIP using SIP within the LAN that connects to an external SIP. I have tried to change the policy, but it seems to mess this up when I do.

    Thanks for any advice.

    Kou

    #50238

    ppalias
    Member

    If traffic flows inside the LAN, there is not much you can do to block it. If the mail server is outside the LAN, you can easily block access with a firewall rule. Do not change the policy, just create rules that BLOCK the traffic.

    #50239

    Hello ppalias,

    Thanks for the reply. I wanted to clarify myself on my initial email. I wanted to block all SMTP from within the LAN out to the INTERNET from all devices except the internal mail server.

    We caught a machine that was acting like its own email server and was possibly sending emails out from within the LAN to the INTERNET without relaying them through our real mail server.

    Is that still not possible? Or, with that information, is there some hope?

    Kou

    #50240

    ppalias
    Member

    It is possible. First create a rule to allow your mail server only, and then a rule to block the whole subnet. Mind the sequence! Otherwise you will block everything!

    #50241

    BrSteven
    Member

    Set up a rule on your firewall that blocks outbound TCP port 25. You can then use http://port25.icannotconnect.com to test if the rule is effective.
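
The allow-then-block sequence from the replies above, as an added example that is not part of the original thread: it prints the rules in the required order and checks a rule listing for the ordering mistake ppalias warns about. It assumes an iptables-based firewall with a FORWARD chain; the addresses, the function names and the rate-limited LOG rule (to identify which hosts attempt direct SMTP) are constructed for illustration.

```shell
#!/bin/sh
# Added example. 192.168.1.10 (mail server) and 192.168.1.0/24 (LAN) are
# constructed sample values; function names are hypothetical.

# Coarse syntax check: a.b.c.d or a.b.c.d/nn
is_ipv4_cidr() {
    printf '%s\n' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/([0-9]|[12][0-9]|3[0-2]))?$'
}

# smtp_egress_rules MAIL_IP LAN_CIDR
# Prints the commands in the order they must be appended to FORWARD:
# 1. ACCEPT the mail server, 2. LOG other senders, 3. DROP other senders.
# The first ACCEPT/DROP match wins, so rule 1 has to precede rule 3.
smtp_egress_rules() {
    mail_ip=$1 lan=$2
    is_ipv4_cidr "$mail_ip" || { echo "bad mail server address" >&2; return 1; }
    is_ipv4_cidr "$lan" || { echo "bad LAN subnet" >&2; return 1; }
    case $mail_ip in */*) echo "mail server must be one host" >&2; return 1;; esac
    cat <<EOF
iptables -A FORWARD -s $mail_ip -p tcp --dport 25 -j ACCEPT
iptables -A FORWARD -s $lan -p tcp --dport 25 -m limit --limit 6/min -j LOG --log-prefix "SMTP-EGRESS-BLOCKED: "
iptables -A FORWARD -s $lan -p tcp --dport 25 -j DROP
EOF
}

# smtp_order_ok MAIL_IP
# Reads rule lines on stdin (the output above, or `iptables -S FORWARD`).
# Succeeds only if an ACCEPT for MAIL_IP on port 25 comes before the
# first port-25 DROP/REJECT; otherwise the mail server is blocked too.
smtp_order_ok() {
    awk -v ip="$1" '
        !/--dport 25 / { next }            # ignore non-SMTP rules
        /-j ACCEPT/ && (index($0, "-s " ip " ") || index($0, "-s " ip "/32 ")) {
            ok = 1; exit                   # allow rule reached first
        }
        /-j (DROP|REJECT)/ { exit }        # block rule reached first
        END { exit !ok }
    '
}

# Dry run: print the commands for review; nothing is applied here.
smtp_egress_rules 192.168.1.10 192.168.1.0/24
```

To audit a live firewall, run `iptables -S FORWARD | smtp_order_ok 192.168.1.10` as root; a non-zero exit status means the block rule is reached before the mail server's allow rule.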
