Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 10 replies
  • Subscribers 27 subscribers
  • Views 707 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

blocking countries from trying to relay our exchange server, same time keeping them from email us

leo hamel

Hi all

I see a lot of relaying attempts from specific country every day, i am tired of adding the new IP everyday to the firewall rule since they use a new IP every time 

I can make a NAT for this country to re direct their request to fake server specifying the ports involved 

I am thinking blocking ports (25,465,587,443.80) But we have vendors from this country who are trying to reach us to our email

I don't want to whitelist those vendors, its not continent since they might change their IP address or service or there might be more vendors trying to reach us

is there a way to block only the relay attempts? and how

thanks



This thread was automatically locked due to age.
Parents Reply
  • 0 in reply to rfcat_vk

    for OWA

    Source zone: WAN

    Source network: Any

    Destination zones: LAN

    Destination networks: Port X (the public port assigned to the exchange)

    Services: HTTPS

    for SMTP (auto added when MTA Created)

    Source zone: Any

    Source network: Any

    Destination zones: Any

    Destination networks: Any

    Services: SMTP,SMTPS

    (this rule is connected to NAT rule) the NAT setting is below:

    NAT

    Original source: Any

    Original destination: Any
    Original service: SMTP,SMTPS
    Translated source (SNAT): MASQ
    Translated destination (DNAT): Original
    Translated service: (PAT)
    Inbound interface: Any
    Outbound interface: Any
Children
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?