Technology Tips and News
Hi,
After installing Exchange 2013 with SSL certificate with OWA, Active Sync and outlook anywhere. I observed that if someone from external network can telnet to my server is able to connect. I checked it and find that port 25 and 587 is open and bypass my Fortinet firewall.
I would like to know how can I block these ports and don't allow anyone can telnet on my Exchange server from externally. Please assist.
But if you set the ACLs on the firewall to only allow traffic between your smarthost and your mail servers then unless the source IP is from your smarthost then the connection should fail.
If that's not happening then you need to talk to your firewall admin and make sure his rule is configured properly.
Hi,
As Hinte mentioned, we cannot block telnet on port 25. Its the way SMTP works. If you want to mitigate Spoofed Senders, then implement SPF/Sender ID and have your SMTP gateway anti-spam solution check for that and block or mark unauthenticated messages.
Exchange Network Port Reference and Exchange 2010 Security Guide, for your reference:
https://technet.microsoft.com/en-us/library/bb331973(v=exchg.141).aspx
https://technet.microsoft.com/en-us/library/bb691338(v=exchg.141).aspx#NetworkPortandFirewall
Additional, I find an similar thread about your question, please refer to:
https://social.technet.microsoft.com/Forums/office/en-US/551abe70-cadf-40c4-8f3b-46983e1858a3/how-to-block-send-email-by-telnet-using-exchange-2010?forum=exchange2010
Thanks
This topic is archived. No further replies will be accepted.
Other recent topics
Click here to get your free copy of Network Administrator. Over 25 plugins to make your life easier