Re: blocking telnet on port 25 with ISA server
- From: "Administrator" <Administrator@xxxxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Wed, 26 Mar 2003 23:22:36 -0000
Thanks for that Jim, I know that Tom was going to look at it for me quite some
time ago but I assume he got tied up with his book :)
My mail server is published with the SMTP Server option and the ISA is
installed in integrated mode although I have set the cache level to 0. I was
reading an article and tested it from work ie telneting to port 25 on my mail
server's public IP address and got the normal SMTP ready prompts. I don't allow
relaying from my site. Telnet per se is explicitly blocked and this works fine
but for port 23 only.
Regards (and thanks for your time)
Keith
-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
Sent: 26 March 2003 23:04
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: blocking telnet on port 25 with ISA server
http://www.ISAserver.org
Neither ISA nor any other firewall can tell the difference between SMTP and
Telnet during the initial TCP connection phase as they both use the standard
four-packet handshake.
ISA does have an SMTP filter that is available for server-published SMTP
servers and can disconnect SMTP-protocol violators.
The protocol you want to publish is called "SMTP Server".
If you can't locate that protocol, then:
1. see if the Enterprise Policies contains it
2. reinstall ISA in Firewall or Integrated mode
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://www.microsoft.com/isaserver
http://isaserver.org/Jim_Harrison
http://isatools.org
Read the help, books and articles!
----- Original Message -----
From: "Keith Alabaster" <administrator@xxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Wednesday, March 26, 2003 14:37
Subject: [isalist] blocking telnet on port 25 with ISA server
http://www.ISAserver.org
I've read through so many messages that I have lost the plot somewhat. Can
ISA server split TCP traffic between SMTP and Telnet? On Firewall-1 it
gives the definition inherently but I can't find it in ISA. I only want
SMTP traffic accepted on port 25 through the ISA firewall and I do not
want to use an SMTP forwarder in front of it.
Thanks
Keith
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
administrator@xxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
Other related posts:
