[isalist] Re: Limit SMTP connections from several subnets in ISA 2000
- From: "Gerald G. Young" <g.young@xxxxxxxx>
- To: <isalist@xxxxxxxxxxxxx>
- Date: Fri, 5 Jan 2007 16:24:52 -0500
Which dictionary is “fecious” listed in? Everything that I see wants to
correct the spelling to facetious.
Cordially yours,
Jerry G. Young II
Product Engineer - Senior
Platform Engineering, Enterprise Hosting
NTT America, an NTT Communications Company
22451 Shaw Rd.
Sterling, VA 20166
Office: 571-434-1319
Fax: 703-333-6749
Email: g.young@xxxxxxxx
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On
Behalf Of Steve Moffat
Sent: Friday, January 05, 2007 4:19 PM
To: ISA Mailing List
Subject: [isalist] Re: Limit SMTP connections from several subnets in ISA 2000
Ya get that from your CV?
J
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On
Behalf Of Jim Harrison
Sent: Friday, January 05, 2007 5:13 PM
To: ISA Mailing List
Subject: [isalist] Re: Limit SMTP connections from several subnets in ISA 2000
It is, too…
“Fecious”; adj. insultingly tongue-in-cheek. “A smartass with a shitty
attitude”
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On
Behalf Of Thor (Hammer of God)
Sent: Friday, January 05, 2007 11:24 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Limit SMTP connections from several subnets in ISA 2000
Well, since “fecious” isn’t a word, I can only imagine the closest thing
to it... Which, as it happens, does come out of a kitty ;)
t
On 1/5/07 10:52 AM, "Jim Harrison" <Jim@xxxxxxxxxxxx> spoketh to all:
Which; playing with the kitties or being fecious?
:-p
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On
Behalf Of Thor (Hammer of God)
Sent: Friday, January 05, 2007 10:42 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Limit SMTP connections from several subnets in ISA 2000
Wouldn’t that smell bad?
t
On 1/5/07 9:25 AM, "Jim Harrison" <Jim@xxxxxxxxxxxx> spoketh to all:
“I was just being facetious” – I see; too much playing with the kitties
the past two weeks, I guess… I prefer “being fecious”, but that one
seems to elude most folks…
“SMTP NAT and source IP packet filtering so that I can specify the two
Internet subnets that are permitted through.” – this is only possible using
Server Publishing; as I stated, packet filters are only useful for ISA-local
services. Server Publishing rules allow exceptions that you can use to block
unwanted source IPs.
“need to deny anonymous SMTP connections” – that’s a completely
different-colored barrel of horsemonkeys. I think you mean “unknown”? ISA
cannot authenticate SMTP connectio0ns at all.
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On
Behalf Of Danny
Sent: Friday, January 05, 2007 9:13 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Limit SMTP connections from several subnets in ISA 2000
On 1/5/07, Jim Harrison <Jim@xxxxxxxxxxxx> wrote:
Nope; that's not true, either.
I was just being facetious. I have been inspired by:
http://www.tacteam.net/openport.htm
SMTP Server Publishing gives you the SMTP Filter and (with ISA 2000 & 2004),
the Message Screecher.]
For this requirement I just need an SMTP NAT and source IP packet filtering so
that I can specify the two Internet subnets that are permitted through.
This is far more capable than the "zealot technique".
It's packet filters that are for the "openaport" fuuls and they only apply to
services operating on the ISA itself.
Is this an SBS deployment?
Not in the Microsoft SBS software sense, but maybe in employee count. There is
a dedicated ISA server and dedicated Exchange server. The change is that email
protection has been outsourced to Postini and I need to deny anonymous SMTP
connections from the rest of the Internet.
...D
From: isalist-bounce@xxxxxxxxxxxxx [mailto: isalist-bounce@xxxxxxxxxxxxx
<mailto:isalist-bounce@xxxxxxxxxxxxx> ] On Behalf Of Danny
Sent: Friday, January 05, 2007 8:24 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Limit SMTP connections from several subnets in ISA 2000
Actually Mr. Teacher, can I have that back. I want to say, at the end of the
day, it is the packet filters. :) Server Publishing rules in ISA 2000 are just
for all of the "hardware firewall" zealots.
However, in appears as though I can only specify one source subnet per packet
filter.
...D
On 1/5/07, Danny <nocmonkey@xxxxxxxxx> wrote:
Server publishing, I believe, but ISA 2000 is like MS02 security bulletins to
me.
Thanks,
...D
On 1/3/07, Jim Harrison < Jim@xxxxxxxxxxxx <mailto:Jim@xxxxxxxxxxxx>
<mailto:Jim@xxxxxxxxxxxx> > wrote:
How is the SMTP service made public; server publishing rules or packet filters?
From: isalist-bounce@xxxxxxxxxxxxx <mailto:isalist-bounce@xxxxxxxxxxxxx>
<mailto:isalist-bounce@xxxxxxxxxxxxx> [mailto: isalist-bounce@xxxxxxxxxxxxx
<mailto:isalist-bounce@xxxxxxxxxxxxx> ] On Behalf Of Danny
Sent: Wednesday, January 03, 2007 8:17 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Limit SMTP connections from several subnets in ISA 2000
Been awhile since I used ISA 2000... what is the best way to restrict SMTP
connections from several specific Internet IP subnets?
Thanks.
All mail to and from this domain is GFI-scanned.
All mail to and from this domain is GFI-scanned.
All mail to and from this domain is GFI-scanned.
Other related posts:
