firewall settings to protect mail server

Discussion in 'Cisco' started by tg, Oct 2, 2008.

  1. tg

    tg Guest

    my router = Cisco 2651XM with wic-adsl card.
    IOS = c2600-adventerprisek9-mz.124-2.T.bin

    I've set up a mail server computer at my home and I was wondering if
    there are any good known router firewall settings that will hinder
    spammers relaying junk mail through my mail server. I know there are
    several things I can do on the server machine itself, but I'd also like
    to stop spammers at the router if that's possible.
    I know I can filter traffic based on outside IP addresses but people's
    ip addresses change all the time so that's not a viable approach. Is it
    possible to filter outside traffic based on a mac address?
    Thanks for any advice.
    tg, Oct 2, 2008
    1. Advertisements

  2. The router/firewall usually doesn't have the processing time to do
    many of the lookups required. It really is better at the app level.

    Single best thing you can do low-level is probably setup an RBL to
    block IPs against I'm amazed at what that will stop
    in our network.

    But routers can't do RBL lookups and block on that.

    SPAM requires full TCP connectivity, so it has to be a real live IP,
    and SPAMers typically bounce their junk off owned machines around the
    world, so if you block them at the router, you probably will block
    people trying to get to your webserer (if you have one), even if their
    machines are sending out SPAM mail without their knowledge.

    Umm, what would MAC address filtering get you with SPAMers? It's not
    possible, they only exist layer-2 on the same network.
    Doug McIntyre, Oct 3, 2008
    1. Advertisements

  3. You dont see any other, than your own MAC addresses on the same subnet
    as your mailserver.
    Gustaf Hyllested Serve, Oct 4, 2008
  4. tg

    tg Guest

    ok thanks for your response Doug.
    tg, Oct 4, 2008
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.