General discussion

  • Creator
    Topic
  • #2272805

    restricting internet e-mail access

    Locked

    by planit16 ·

    I need to be able to restrict internet e-mail access on a lan segment while allowing intranet e-mail access to each user on the same lan segment. Each Pc is using the Windows XP pro platform. ip addresses are static non-routable (192.168.15.X).

All Comments

  • Author
    Replies
    • #2716789

      Reply To: restricting internet e-mail access

      by sgt_shultz ·

      In reply to restricting internet e-mail access

      hmmm. you could restrict pop3 clients with port block but no way to block html except blacklist the sites…

    • #2716774

      Reply To: restricting internet e-mail access

      by cg it ·

      In reply to restricting internet e-mail access

      well about the only way to block outbound internet port 25 traffic while allowing outbound port 25 intranet traffic is a proxy server or a multihomed server acting as a router between the internet and intranet. with a mutihomed server acting as a router, you create a filter in advanced properties for the NIC which acts as a gateway. Filter properties would be block outbound port 25. The LAN segment would still be able to obtain intranet email via a mail server as traffic would go over the LAN NIC on the mutihomed server acting as a router.

    • #2716340

      Reply To: restricting internet e-mail access

      by budthegrey ·

      In reply to restricting internet e-mail access

      You left out a key peice of information — where is the mail server? Are you hosting yor own e-mail, or is your ISP providing mail services?

      If you are handling your own mail services, many mail server packages can be configured to allow/deny outside sending based on account id (e-mail address).

      If your ISP is providing e-mail, then e-mail for these users is probably an all-or-nothing proposition. Either they can send/receive mail to anyone, or they can’t send/receive mail at all. The best solution is to use your firewall (you *do* have a firewall, right?) to block access to the common e-mail ports: 25,110,143.

    • #2715372

      Reply To: restricting internet e-mail access

      by amanabala ·

      In reply to restricting internet e-mail access

      Assuming you dont want users to access yahoo mail and similar email products, you can block them at the firewall by configuring outbound filters (configuration varies by firewall but principle remains the same). Another, more manageable solution is to use a proxy server and configure it to block access to internet mail sites.
      Hope this helps
      -Ravi

Viewing 3 reply threads