Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 6 replies
  • Answers 2 answers
  • Subscribers 42 subscribers
  • Views 3397 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Block port 25 or SMTP port for non replay LAN IPs

Ahmed Naveed

we configured Sophos XG in MTA mode. We need to restrict access to Port 25 for SMTP traffic to specific terminals only. Currently Port 25 is accessible from all LAN networks



This thread was automatically locked due to age.
Parents Reply
  • 0 in reply to Ahmed Naveed

    Then you can make a rule to allow SMTP traffic for the specific clients that are allowed in the source addresses followed by a rule to block all SMTP traffic. Then only the allowed clients can use SMTP and all others are blocked. If it's internal clients you would like to block, you can also use reject instead of drop, so the client gets a message back that traffic is not allowed. From WAN drop is the better choice.

    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

Children
No Data
Unfiltered HTML