I appreciate everyones effort to tell me something I already know. That the mail server needs to stop open relays and that has already been done. But my point was to see if there was a solution at the firewall level. Now I know there are many many intelligent people on this list and I wanted an answer on a way to do this.
Again thanks for everyones 2 cents. Tim -----Original Message----- From: John P. Herlocher [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 23, 2001 5:30 PM To: Timothy K. Cornelius Cc: [EMAIL PROTECTED] Subject: Re: open realy mail blaklist... how to stop this at the firewall? HELP!!!!!!! The real fix for this is to configure your smtp software correctly. Your firewall filter should be an adjunct not the definative measure for your relay configuration. John On Tue, Oct 23, 2001 at 04:26:22PM -0500, Timothy K. Cornelius wrote: > > > At this time our internet mailserver(behind the FW-1) has been > designated as an open relay mailserver and has been blacklisted by > several spam blocker websites( www.orbz.org is one of them) after > reading up on how to stop this at the firewall I added two rules on > the firewall with services w/resources. the > resource(SMTP->our-mail-only-in) is SMTP and the match is coming in > the sender is * and the recipient is *loi.org. The other is going out, the > resource(SMTP->our-mail-only-out) is SMTP and the match is sender is > *loi.org and the recipient is * I have also created a rule below these two > that denies and mail service plus 2 services with resources > (SMTP->openrelay-in and SMTP->openrelay-out) these are the same as the first > two. Is this not the correct way to handle stopping an open relay mailserver > or is there a better way? > > > PLEASE HELP ME ASAP!!!!!!!!!!!!!!! our mail services are just about > non-existent, except my Firewall email groups. > > 1 Source: any Dest.: mailserver Service: SMTP->our-mail-only-in > Action: accept > 2 Source:mailserver Dest: any Service:SMTP->our-mail-only-out > Action: accept > > Thanks in advance, > > Tim > > > > --- > Outgoing mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.286 / Virus Database: 152 - Release Date: 10/9/2001 > > --- > Outgoing mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.286 / Virus Database: 152 - Release Date: 10/9/2001 > > _______________________________________________ > Firewalls mailing list > [EMAIL PROTECTED] > http://lists.gnac.net/mailman/listinfo/firewalls --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.286 / Virus Database: 152 - Release Date: 10/9/2001 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.286 / Virus Database: 152 - Release Date: 10/9/2001 _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
