Block Port 25 on SBS with some exceptions

[Maranello]

Hi,
I have some connections in my server which I think that they are spammers. So here I want to make my server more secure by blocking the port 25 while sending data on the network. But the users which are on the sbs machine must not get affected. So what is the way by which the data only goes to those whom I allow via port 25. The blocking things must avoid my known users and block the unrecognized users. So here I need a way to do this. Simply I want to stop the port and don't want my information to reach anyone. Help needed. Thanks in advance.

[Milton.J]

To block the port 25 of your with some exception you will need to configure a list of your users in the server. For this go to Exchange System Manager where you can set up a smtp relay restrictions. By providing the restriction your server will only connect to the known users instead of an open connection. In Exchange System Manager go to server. Then protocol and select smtp. Look for your default smtp virtual server and select properties by right clicking on it. Select access > relay restrictions. Add your list and uncheck on " uncheck 'allow all computers to relay "

[Spyrus]

It is an good decision in order to protect your confidential information from strangers. I am listing some points which you can refer to controls attacks on your server. This points will make your server more secure and safe. The first is to control malware. This can be done by forcing all host to contact only approved outbound mail server on their respected network. By blocking port 25 many spyware, worms and zombie spammers can be stopped. Second thing if the malware is so strong to copy the user's email clients settings, then the message needs to be scanned for virus. Simple configuration in firewall and message server will make a big difference. Third thing by audit trail you can easy identify which user is affected. Under this all message will require their submissions to be authenticated.

[Snake08]

I used IPSEC filter to block the outgoing port 25. The Microsoft filter rules can be used to protect windows based servers from network attacks. By this you can only allow an smtp email from the server to your known users and blocking the clients which you can think are spammers. It works on both single and dual nic sbs system. In this process the filtering happen before the packets leaves the client. Follow the below instruction to perform the action. First you will need to create and link a GPO to the clients computer. After in GPO create a new ipsec policy. Now edit the properties. Edit the properties as per your requirement by creating the list and denying the ip's.