Block outgoing emails except from the mail server
By default all clients on the LAN can act as a mail server. Maybe you have a ârealâ mail server. Now a hacker steals one of your client pc’s and uses it to send out SPAM.
How do you configure the firewall so only the ârealâ mail server can send out emails?
You do it with an access-list on the inside interface. This way you can control the outgoing smtp traffic and only allow one LAN IP to send out emails.
access-list acl_out permit tcp host 10.0.0.2 any eq 25
access-list acl_out deny tcp any any eq 25
access-list acl_out permit ip any any
access-list acl_out permit icmp any any
access-group acl_out in interface inside