Re: blocking telnet on port 25 with ISA server

  • From: "Jim Harrison" <jim@xxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Wed, 26 Mar 2003 16:02:38 -0800

You've described the behavior I'd expect to see.
There's no way for any firewall to determine the remote application.
Consequently, it's (properly) up to the SMTP server to decide who can send
and who can't.

 Jim Harrison
 MCP(NT4, W2K), A+, Network+, PCG
 http://www.microsoft.com/isaserver
 http://isaserver.org/Jim_Harrison
 http://isatools.org

 Read the help, books and articles!
----- Original Message -----
From: "Administrator" <Administrator@xxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Wednesday, March 26, 2003 15:22
Subject: [isalist] Re: blocking telnet on port 25 with ISA server


http://www.ISAserver.org


Thanks for that Jim, I know that Tom was going to look at it for me quite
some time ago but I assume he got tied up with his book :)

My mail server is published with the SMTP Server option and the ISA is
installed in integrated mode although I have set the cache level to 0. I was
reading an article and tested it from work, i.e. telnetting to port 25 on my
mail server's public IP address and got the normal SMTP ready prompts. I
don't allow relaying from my site. Telnet per se is explicitly blocked and
this works fine but for port 23 only.

Regards (and thanks for your time)

Keith


-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
Sent: 26 March 2003 23:04
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: blocking telnet on port 25 with ISA server




Neither ISA nor any other firewall can tell the difference between SMTP and
Telnet during the initial TCP connection phase as they both use the standard
four-packet handshake.

ISA does have an SMTP filter that is available for server-published SMTP
servers and can disconnect SMTP-protocol violators.
The protocol you want to publish is called "SMTP Server".
If you can't locate that protocol, then:
1. see if the Enterprise Policies contains it
2. reinstall ISA in Firewall or Integrated mode

 Jim Harrison
 MCP(NT4, W2K), A+, Network+, PCG
 http://www.microsoft.com/isaserver
 http://isaserver.org/Jim_Harrison
 http://isatools.org

 Read the help, books and articles!
----- Original Message -----
From: "Keith Alabaster" <administrator@xxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Wednesday, March 26, 2003 14:37
Subject: [isalist] blocking telnet on port 25 with ISA server




I've read through so many messages that I have lost the plot somewhat. Can
ISA server split TCP traffic between SMTP and Telnet? On Firewall-1 it
gives the definition inherently but I can't find it in ISA. I only want
SMTP traffic accepted on port 25 through the ISA firewall and I do not
want to use an SMTP forwarder in front of it.
Thanks
Keith


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')



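Added illustration, not part of the original thread and not ISA Server's SMTP filter code: a minimal application-layer check of the kind the thread describes, which judges the bytes sent on port 25 rather than the program that sent them. The function names, the verb allow-list and the sample sessions are assumptions constructed for this sketch.

```python
# Verbs from RFC 821 plus EHLO; an assumed allow-list for this sketch.
ALLOWED_VERBS = {"HELO", "EHLO", "MAIL", "RCPT", "DATA",
                 "RSET", "NOOP", "QUIT", "VRFY"}
MAX_LINE = 512  # RFC 821 command-line limit, CRLF included


def check_command(line):
    """Return 'ok' or the reason one client command line is rejected."""
    if len(line) > MAX_LINE:
        return "line too long"
    if not line.endswith(b"\r\n"):
        return "missing CRLF"
    body = line[:-2]
    if any(b < 0x20 or b > 0x7E for b in body):
        return "non-printable byte in command"
    verb = body.split(b" ", 1)[0].decode("ascii").upper()
    if verb not in ALLOWED_VERBS:
        return "unknown verb " + repr(verb)
    return "ok"


def filter_session(client_lines):
    """Check client lines in order; disconnect at the first violation."""
    in_data = False  # simplification: server replies (354) are not tracked
    for index, line in enumerate(client_lines):
        if in_data:
            # Message content is not command syntax; wait for the end marker.
            if line == b".\r\n":
                in_data = False
            continue
        verdict = check_command(line)
        if verdict != "ok":
            return ("disconnect", index, verdict)
        if line[:4].upper() == b"DATA":
            in_data = True
    return ("pass", None, "ok")


# Constructed sample sessions (client side only).
MTA_SESSION = [b"EHLO mail.example.org\r\n", b"MAIL FROM:<a@example.org>\r\n",
               b"RCPT TO:<b@example.net>\r\n", b"DATA\r\n", b"Subject: hi\r\n",
               b"\r\n", b"body\r\n", b".\r\n", b"QUIT\r\n"]
# Valid SMTP typed by hand in a telnet client: same protocol, so it passes.
HAND_TYPED = [b"helo test\r\n", b"noop\r\n", b"quit\r\n"]
# Telnet option negotiation bytes (IAC WILL ...) ahead of a command.
TELNET_NEGOTIATION = [b"\xff\xfb\x18\xff\xfb\x1fHELO x\r\n"]
# Some other protocol pointed at port 25.
NOT_SMTP = [b"GET / HTTP/1.0\r\n"]
```

The hand-typed session passes because it is valid SMTP, which is why relay and sender restrictions still belong on the SMTP server itself.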


