RE: how to block SMTP Commands without ISA Server

  • From: <oevans@xxxxxxxxxxxxxxx>
  • To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
  • Date: Wed, 3 Dec 2003 12:29:44 -0500

What you do is deny port 21 and 20 on your firewall that points to your
mail server.
E.g. if your mail server is 192.168.100.5 then you would use:

access-list 101 deny tcp any host 192.168.100.5 eq telnet 

This pertains to a pix firewall but you may have some other brand.

O.e

-----Original Message-----
From: Victor Naranjo [mailto:vnaranjo@xxxxxxxxxxxxx] 
Sent: Wednesday, December 03, 2003 12:14 PM
To: [ExchangeList]
Subject: [exchangelist] RE: how to block SMTP Commands without ISA
Server

http://www.MSExchange.org/

I can connect to Exchange Server doing telnet session to port 25 and
execute commands like, helo domain, mail from, etc and send a message to
an internal mailbox making impersonation .  

This is a security issue, how to block this smtp commands is anybody
make a telnet session to port 25? 

-----Original Message-----
From: Mulnick, Al [mailto:Al.Mulnick@xxxxxxxxxx]
Sent: Wednesday, December 03, 2003 11:48 AM
To: [ExchangeList]
Subject: [exchangelist] RE: how to block SMTP Commands without ISA
Server

http://www.MSExchange.org/

Can you give an example of what you want?  I suspect that blocking
commands means one thing to you and something different to me.  I think
of blocking commands as disabling verbs.  I suspect you want to block
specific users from sending you email.  A deny or block list.


Al

 

-----Original Message-----
From: Victor Hugo Naranjo [mailto:vnaranjo@xxxxxxxxxxxxx]
Sent: Wednesday, December 03, 2003 11:40 AM
To: [ExchangeList]
Subject: [exchangelist] how to block SMTP Commands without ISA Server

http://www.MSExchange.org/

Help with this...
=20
In Exchange 5.5, 2000 and 2003 how to block SMTP Commands without ISA =
Server?
If the Mail from: (SMTP Command) is blocked, Can I still receive
Internet eMails?


Victor Naranjo
CONSULTANT
SYNERGY



------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------



------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------


Other related posts: