RE: how to block SMTP Commands without ISA Server

  • From: "Mark Fugatt" <mark@xxxxxxxxx>
  • To: "'[ExchangeList]'" <exchangelist@xxxxxxxxxxxxx>
  • Date: Wed, 3 Dec 2003 12:39:03 -0500

20 and 21 are FTP, you cannot stop people from using a Telnet client and
connecting to port 25 on your SMTP server without blocking port 25 which
would defeat the object of having an SMTP server.

Mark Fugatt 
MCT, MCSE, Microsoft Exchange MVP 
Pentech Office Solutions Inc 
Tel:  585 586 3890
Cell: 585 576 4750
Fax:  585 249 0316
MSN IM: mark@xxxxxxxxx
www.4mcts.com 
www.exchangetrainer.com 


-----Original Message-----
From: oevans@xxxxxxxxxxxxxxx [mailto:oevans@xxxxxxxxxxxxxxx] 
Sent: Wednesday, December 03, 2003 12:30 PM
To: [ExchangeList]
Subject: [exchangelist] RE: how to block SMTP Commands without ISA Server

http://www.MSExchange.org/


What you do is deny port 21 and 20 on your firewall that points to your mail
server.
E.g. if your mail server is 192.168.100.5 then you would use:

access-list 101 deny tcp any host 192.168.100.5 eq telnet 

This pertains to a pix firewall but you may have some other brand.

O.e

-----Original Message-----
From: Victor Naranjo [mailto:vnaranjo@xxxxxxxxxxxxx]
Sent: Wednesday, December 03, 2003 12:14 PM
To: [ExchangeList]
Subject: [exchangelist] RE: how to block SMTP Commands without ISA Server

http://www.MSExchange.org/

I can connect to Exchange Server doing telnet session to port 25 and execute
commands like, helo domain, mail from, etc and send a message to an internal
mailbox making impersonation .  

This is a security issue, how to block this smtp commands is anybody make a
telnet session to port 25? 

-----Original Message-----
From: Mulnick, Al [mailto:Al.Mulnick@xxxxxxxxxx]
Sent: Wednesday, December 03, 2003 11:48 AM
To: [ExchangeList]
Subject: [exchangelist] RE: how to block SMTP Commands without ISA Server

http://www.MSExchange.org/

Can you give an example of what you want?  I suspect that blocking commands
means one thing to you and something different to me.  I think of blocking
commands as disabling verbs.  I suspect you want to block specific users
from sending you email.  A deny or block list.


Al

 

-----Original Message-----
From: Victor Hugo Naranjo [mailto:vnaranjo@xxxxxxxxxxxxx]
Sent: Wednesday, December 03, 2003 11:40 AM
To: [ExchangeList]
Subject: [exchangelist] how to block SMTP Commands without ISA Server

http://www.MSExchange.org/

Help with this...
=20
In Exchange 5.5, 2000 and 2003 how to block SMTP Commands without ISA =
Server?
If the Mail from: (SMTP Command) is blocked, Can I still receive Internet
eMails?


Victor Naranjo
CONSULTANT
SYNERGY



------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------



------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security
Resource Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------





Other related posts: