DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

Vigor2830

26 Jun 2012 13:01 #72743 by tbyte
Vigor2830 was created by tbyte
Having trouble setting up my firewall.

I want to allow SMTP ONLY from my spam filtering server hosted online.

I have attached the two rules I have below, but it still lets all SMTP in.

Any ideas?

First allow my own server



then block all others


26 Jun 2012 17:05 #72748 by nealuk
Replied by nealuk on topic Re: Vigor2830
Hello,

I have spotted you have set from port 25 to 25 - however, other ports are actually used when travelling over the internet. This is how I would set the filtering:

Under IP Object, I set an Index for each of the email providers.

Friendly Name
WAN
IP Range

Under IP Group, I create an Index called "Incoming SMTP", Interface Any (handy for VPN intercompany mail), and add in the trusted indexes.

Under Service Type Object, I create an Index called SMTP

Name SMTP
Protocol TCP
Source Port = 1 - 65535
Destination Port = 25 - 25

Firewall >> Filter Setup

Index 2 "Default Data Filter"

Extend this as follows:

Index 2

Comments: Block SMTP

Direction: WAN > LAN
Source IP: Any
Destination IP: Any
Service Type: SMTP
Fragments Don't Care

Application
Filter: Block If No Further Match

Index 3

Comments: Trusted SMTP

Direction: WAN > LAN
Source IP: Incoming SMTP (choose the IP Group created earlier)
Destination IP: Any
Service Type: SMTP
Fragments Don't Care

Application
Filter: Pass Immediately

I think that's it. Seems long-winded to start with, but it does make on-going changes much easier to handle in the future imo.

Regards, Neal
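
An added example, not part of either post and not DrayTek code: a simplified Python model of ordered filter rules, showing why a service object with source port 25 - 25 never matches inbound mail and how the "Block If No Further Match" then "Pass Immediately" pair behaves. Assumptions: the router's default action is pass, the IP addresses are constructed documentation-range values, and the original poster's rules are reconstructed only from the "port 25 to 25" remark above.

```python
from ipaddress import ip_address, ip_network

ANY_PORT = (1, 65535)

def rule(name, src_net, src_ports, dst_ports, action):
    return {"name": name, "src": ip_network(src_net), "sport": src_ports,
            "dport": dst_ports, "action": action}

def matches(r, src_ip, sport, dport):
    return (ip_address(src_ip) in r["src"]
            and r["sport"][0] <= sport <= r["sport"][1]
            and r["dport"][0] <= dport <= r["dport"][1])

def evaluate(rules, src_ip, sport, dport, default="pass"):
    """Simplified model: '... immediately' stops evaluation; '... if no further
    match' sets a tentative verdict that a later matching rule can replace."""
    verdict = default                      # assumed default action: pass
    for r in rules:
        if not matches(r, src_ip, sport, dport):
            continue
        verb, _, when = r["action"].partition(" ")
        verdict = verb
        if when == "immediately":
            break
    return verdict

FILTER = "192.0.2.10/32"   # constructed: the trusted spam-filtering server
ANYWHERE = "0.0.0.0/0"

# Service object with source port 25 - 25: sending servers connect from
# ephemeral source ports, so neither rule ever matches and the default applies.
narrow = [rule("allow own server", FILTER, (25, 25), (25, 25), "pass immediately"),
          rule("block all others", ANYWHERE, (25, 25), (25, 25), "block immediately")]

# Layout from the reply: tentative block for all SMTP, then pass the trusted group.
neal = [rule("Block SMTP", ANYWHERE, ANY_PORT, (25, 25), "block if no further match"),
        rule("Trusted SMTP", FILTER, ANY_PORT, (25, 25), "pass immediately")]

if __name__ == "__main__":
    for label, rules in (("source port 25-25", narrow), ("reply's rules", neal)):
        for src in ("192.0.2.10", "203.0.113.77"):   # trusted, untrusted (constructed)
            print(f"{label:18} {src:14} -> {evaluate(rules, src, 50123, 25)}")
```
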
