Hello,
I think i have a spam problem on my network and somebody suggested blocking POP/SMTP protocols for suspicios clients, so I'm trying to setup a custom traffic rule and block these protocols, but POP/SMTP are not available.
How would one go about doing this?
(PS. I'd like to do this for each client instead of a global rule since i have ipads and smartphones that heavily rely on SMTP.)
Any help is greatly appreciated.
Cheers!
You block the ports both protocols would be using. Best allow SMTP for all your whitelisted clients first, then block it for the remainder.
Edit: Fix engrish... 
Keep in mind that you can safely block SMTP (SMTP port 25 is usually blocked by your ISP anyway) if you're using webmail services. If you're using clients you need to allow SMTP TLS 465 and 587 for connectivity in most cases. If you want to make this much "safer" just allow the assigned network range your mail provider uses.
A single blocking rule should be enough if you use one of the methods:
Thanks i'll look into that.
My thinking was that the spam bots could be using other ports to send the spam although my inner voice is telling me that they'll probably have to use the default ones. Thanks i'll try that.
My ISP is using dynamic IP's and every once in a while i get an ip with a bad reputation. It takes some time for it to get delisted, but this time blacklist check says that it detected spam since the ip was assigned to me. It's probably something on their part but still i'd like to be sure. Thanks very much @diizzy i'll try that.
I was almost sure that's the case but then again i was also wrong a lot of times 
. So now my default position is "anything is possible".
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.