You've describe the behavior I'd expect to see. There's no way for any firewall to determine the remote application. Consequently, it's (properly) up to the SMTP server to decide who can send and who can't. Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://www.microsoft.com/isaserver http://isaserver.org/Jim_Harrison http://isatools.org Read the help, books and articles! ----- Original Message ----- From: "Administrator" <Administrator@xxxxxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Wednesday, March 26, 2003 15:22 Subject: [isalist] Re: blocking telnet on port 25 with ISA server http://www.ISAserver.org Thanks for that Jim, I know that Tom was going to look at it for me quite some time ago but I assume he got tied up with his book :) My mail server is published with the SMTP Server option and the ISA is installed in integrated mode although I have set the cache level to 0. I was reading an article and tested it from work ie telneting to port 25 on my mail server's public IP address and got the normal SMTP ready prompts. I don't allow relaying from my site. Telnet per se is explicitly blocked and this works fine but for port 23 only. Regards (and thanks for your time) Keith -----Original Message----- From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] Sent: 26 March 2003 23:04 To: [ISAserver.org Discussion List] Subject: [isalist] Re: blocking telnet on port 25 with ISA server http://www.ISAserver.org Neither ISA nor any other firewall can tell the difference between SMTP and Telnet during the initial TCP connection phase as they both use the standard four-packet handshake. ISA does have an SMTP filter that is available for server-published SMTP servers and can disconnect SMTP-protocol violators. The protocol you want to publish is called "SMTP Server". If you can't locate that protocol, then: 1. see if the Enterprise Policies contains it 2. reinstall ISA in Firewall or Integrated mode Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://www.microsoft.com/isaserver http://isaserver.org/Jim_Harrison http://isatools.org Read the help, books and articles! ----- Original Message ----- From: "Keith Alabaster" <administrator@xxxxxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Wednesday, March 26, 2003 14:37 Subject: [isalist] blocking telnet on port 25 with ISA server http://www.ISAserver.org I've read through so many messages that I have lost the plot somewhat. Can ISA server split TCP traffic between SMTP and Telnet? On Firewall-1 it gives the definition inherently but I can't find it in ISA. I only want SMTP traffic accepted on port 25 through the ISA firewall and I do not want to use an SMTP forwarder in front of it. Thanks Keith ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: administrator@xxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')