Dumb SMTP block outbound question

  • I think it must be Monday, and not Thursday…..
    I'm trying to write a firewall rule that will block all SMTP (port 25) traffic going out the WAN port, EXCEPT from one smtprelay server that I have set up on my LAN.

    Do I create the rule on the WAN port or the LAN port?
    Blood sugar must be low because this should be a "no brainer" but the brain just isn't working today.

    Will anyone take pity and suggest the correct rule configuration?

    TIA - Paul
    PS, Is it Friday yet?

  • Add a block rule to LAN.
    Protocol: TCP (or any)
    Source: check "invert match" and select "Single host or alias" and enter the smtp-relay address.
    Destination port range: SMTP

    Put the rule above any which could allow this traffic.

  • Sweet! Thanks so much!

  • LAYER 8 Global Moderator

    Another method is to create a rule that allows the IP you want out on 25, then a rule just below that blocks all to 25.
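
The two rule layouts suggested in this thread, plus a misordered one, as an added example that is not part of the original posts. It is a simplified first-match evaluator for rules on the LAN interface (protocol is not modeled); the relay address `192.168.1.25`, the LAN subnet and the "allow LAN to any" rule are assumptions made for illustration.

```python
# Added example: first-match evaluation of LAN-interface rules (simplified model).
# All addresses are constructed; 192.168.1.25 stands in for the SMTP relay.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

RELAY = "192.168.1.25"  # hypothetical relay address

@dataclass(frozen=True)
class Rule:
    action: str                  # "pass" or "block"
    src: str = "any"             # single host, CIDR, or "any"
    invert_src: bool = False     # the "invert match" checkbox on the source
    dport: Optional[int] = None  # None means any destination port

    def matches(self, src: str, dport: int) -> bool:
        hit = self.src == "any" or ip_address(src) in ip_network(self.src)
        if self.invert_src:
            hit = not hit
        return hit and (self.dport is None or self.dport == dport)

def evaluate(rules, src, dport):
    """Return the action of the first matching rule; block if nothing matches."""
    for rule in rules:
        if rule.matches(src, dport):
            return rule.action
    return "block"

ALLOW_LAN = Rule("pass", src="192.168.1.0/24")  # assumed "allow LAN to any" rule

# Layout 1: a single block rule with inverted source, above the allow rule.
INVERTED = [Rule("block", src=RELAY, invert_src=True, dport=25), ALLOW_LAN]
# Layout 2: pass the relay to port 25, then block everyone else to port 25.
PASS_THEN_BLOCK = [Rule("pass", src=RELAY, dport=25), Rule("block", dport=25), ALLOW_LAN]
# Misordered: the block rule sits below the allow rule and is never reached.
MISORDERED = [ALLOW_LAN, Rule("block", src=RELAY, invert_src=True, dport=25)]

CASES = [(RELAY, 25), ("192.168.1.50", 25), ("192.168.1.50", 443), (RELAY, 443)]

def verdicts(rules):
    """Evaluate every test packet in CASES against a rule list."""
    return [evaluate(rules, src, dport) for src, dport in CASES]

if __name__ == "__main__":
    for name, rules in [("inverted", INVERTED), ("pass-then-block", PASS_THEN_BLOCK),
                        ("misordered", MISORDERED)]:
        print(f"{name:16}", dict(zip(CASES, verdicts(rules))))
```

Both layouts give the same verdicts; the misordered list passes port 25 from every LAN host, which is why the block rule has to sit above any rule that could allow the traffic.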