Hi,

Is there any way, on the firewall, to block external requests to port 25 using telnet? We have had problems with users telnetting to our Exchange server and sending spoofed messages to our internal users.

Thanks.
PC.

Caux, Patrice wrote:
> Hi,
> Is there any way, on the firewall, to block external requests to port 25 using telnet? We have had problems with users telnetting to our Exchange server and sending spoofed messages to our internal users. Thanks. PC.

Er -- why do you have Shorewall configured so that it is allowing these connections in the first place?????

-Tom
--
Tom Eastep \ Shorewall - iptables made easy
Shoreline, \ http://www.shorewall.net
Washington USA \ teastep@shorewall.net

Caux, Patrice wrote:
> Hi,
> Is there any way, on the firewall, to block external requests to port 25 using telnet? We have had problems with users telnetting to our Exchange server and sending spoofed messages to our internal users. Thanks. PC.

Sorry -- please ignore my last post. Haven't had my coffee yet this morning (I read the 'telnet' and ignored the 'port 25').

So long as the telnet user knows enough about SMTP to talk directly to your server, there's nothing you can do in a firewall to stop this. You can implement UCE controls in your SMTP server though to make it more difficult (HELO restrictions, RBL, dialin blacklisting).

-Tom
--
Tom Eastep \ Shorewall - iptables made easy
Shoreline, \ http://www.shorewall.net
Washington USA \ teastep@shorewall.net

> Hi,
> Is there any way, on the firewall, to block external requests to port 25 using telnet? We have had problems with users telnetting to our Exchange server and sending spoofed messages to our internal users. Thanks. PC.

Of course not. The answer is "Configure your MTA to ignore spoofed messages with the help of rules, restrictions and various RBLs and such". There is no way to tell the difference between a machine connecting, or a user connecting.
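
The replies above point to SMTP-level controls (HELO restrictions, RBL lookups, refusing spoofed senders) rather than the firewall. The sketch below is an added example, not code from the thread or from Shorewall or Exchange: it shows the decision an MTA-side policy makes for one session. The domain, network, hostname and DNSBL zone are assumed placeholders, client addresses are IPv4 only, and the `listed` callback stands in for a real DNS lookup.

```python
import ipaddress

# Assumed site values for illustration only (not from the thread).
INTERNAL_DOMAINS = {"example.com"}
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]
OWN_HOSTNAMES = {"mail.example.com"}
DNSBL_ZONE = "dnsbl.example.net"  # placeholder zone, not a real blocklist


def is_internal(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)


def dnsbl_query_name(ip, zone=DNSBL_ZONE):
    """Name looked up for an IPv4 client: reversed octets plus the zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone


def helo_problem(helo, client_ip):
    """Return a reason string if the HELO argument is implausible, else None."""
    name = helo.strip().rstrip(".").lower()
    if name.startswith("[") and name.endswith("]"):
        # An address literal must match the connecting address.
        ok = name[1:-1] == client_ip
        return None if ok else "HELO address literal does not match client"
    if "." not in name:
        return "HELO is not a fully qualified name"
    if not is_internal(client_ip) and (name in OWN_HOSTNAMES or name in INTERNAL_DOMAINS):
        return "external client used our own name in HELO"
    return None


def check_session(client_ip, helo, mail_from, listed=lambda qname: False):
    """Decide on one SMTP session from its envelope, before DATA."""
    reason = helo_problem(helo, client_ip)
    if reason:
        return ("reject", reason)
    domain = mail_from.rsplit("@", 1)[-1].strip("<>").lower()
    if not is_internal(client_ip):
        if domain in INTERNAL_DOMAINS:
            return ("reject", "external client claims internal sender domain")
        if listed(dnsbl_query_name(client_ip)):
            return ("reject", "client listed in DNSBL")
    return ("accept", "ok")
```

The checks use only the connecting address and the envelope, so a hand-typed telnet session and a real mail server are treated the same way. A site whose own users send from outside would need to exempt authenticated submission from the internal-sender rule.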