I've been blacklisted, how do I block port 25 for everyone except the mail server?

Description

If you suspect that your public IP is blacklisted because one of the workstations is spamming or creating too many outbound connections, you can use firewall access rules to block all SMTP traffic from your LAN to the WAN (Internet) except traffic from your mail server.

Resolution

Go to Firewall | Access rules (LAN to WAN) and create 2 access rules.

Step 1.  One to allow the mail server to send mail
Step 2.  One to block all outbound mail


1.  Allowing only the mail server to send mail.

Action: Allow
From Zone: LAN
To Zone: WAN
Service: SMTP (Send E-Mail)
Source: MailServer
Destination: Any
Users Allowed: All
Schedule: Always on
Comment: 
Enable Logging: checked
Allow Fragmented Packets: Checked

 


2. Block all other outbound mail on the network.

Action: Deny
From Zone: LAN
To Zone: WAN
Service: SMTP (Send E-Mail)
Source: Any
Destination: Any
Users Allowed: All
Schedule: Always on
Comment: 
Enable Logging: checked
Allow Fragmented Packets: Checked

 

NOTE: Ensure that rule 1 (Allow) gets higher priority than rule 2 (Deny).
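
Why the priority order matters, shown as an added example: this is a simplified first-match model of the two rules, not SonicWall code or configuration. The mail server address 192.168.1.10, the sample connections, and the default allow for unmatched LAN-to-WAN traffic are assumptions.

```python
from collections import Counter
from ipaddress import ip_address, ip_network

MAIL_SERVER = "192.168.1.10"  # assumed address of the MailServer object

# The two LAN-to-WAN rules from the article; lower number = higher priority.
RULES = [
    {"priority": 1, "action": "allow", "source": MAIL_SERVER + "/32", "port": 25},
    {"priority": 2, "action": "deny", "source": "0.0.0.0/0", "port": 25},
]

def evaluate(rules, src, dport, default="allow"):
    """Return the action of the first matching rule in priority order."""
    for rule in sorted(rules, key=lambda r: r["priority"]):
        if dport == rule["port"] and ip_address(src) in ip_network(rule["source"]):
            return rule["action"]
    return default  # assumed default for LAN-to-WAN traffic no rule matches

def denied_smtp_sources(rules, connections):
    """Count denied port-25 attempts per LAN source, busiest first."""
    hits = Counter()
    for src, dport in connections:
        if dport == 25 and evaluate(rules, src, dport) == "deny":
            hits[src] += 1
    return hits.most_common()

def swapped(rules):
    """Same rules with priorities reversed (the misordering the NOTE warns about)."""
    n = len(rules) + 1
    return [dict(r, priority=n - r["priority"]) for r in rules]

# Constructed outbound connection attempts: (source IP, destination port).
SAMPLE = [
    ("192.168.1.10", 25), ("192.168.1.57", 25), ("192.168.1.57", 25),
    ("192.168.1.57", 25), ("192.168.1.23", 443), ("192.168.1.88", 25),
]

if __name__ == "__main__":
    # Hosts other than the mail server that tried to send mail directly.
    print(denied_smtp_sources(RULES, SAMPLE))
    # With Deny ranked first, the mail server itself is blocked.
    print(evaluate(swapped(RULES), MAIL_SERVER, 25))
```

With logging enabled on the Deny rule, the sources that hit it most often are the workstations to inspect first.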
