One of my clients has been added to a DNS Blacklist and one of the recommended fixes by the blacklist is to turn off all ability for any machine inside the firewall to route Port 25 traffic through the PIX501 except the legitimate mail server on the network. I am not a pro at creating these config statements, only having to touch the PIX501 about once a year for modest changes that can usually be duplicated from other statements already created.
Could someone please provide me sample statements that would allow a designated mail server to pass SMTP traffic to the outside world while denying any other machine the ability to do so? I would appreciate it very much!
Thank you in advance for your assistance.
Mac Hammer Chandler, AZ