Citrix, Exchange, NetScaler
0

NetScaler – Restrict SMTP Relay

Quick way to restrict Echange SMTP Relay in NetScalers is Extended ACLs. SMTP Relay can be restricted on Exchange servers or Firewalls using ACLs. Sometimes Firewalls could be managed by 3rd party company and it would be easier to manage ACLs on NetScaler. Here is an example how to configure it on NetScaler console:

#add Ectended ACLs
add ns acl InboundSMTP1 ALLOW -srcIP = 10.xxx.xxx.131 -destIP = 10.xxx.xxx.135 -destPort = 25 -protocol TCP -priority 101
add ns acl InboundSMTP2 ALLOW -srcIP = 10.xxx.xxx.123 -destIP = 10.xxx.xxx.135 -destPort = 25 -protocol TCP -priority 102
add ns acl InboundSMTP3 ALLOW -srcIP = 10.xxx.xxx.124 -destIP = 10.xxx.xxx.135 -destPort = 25 -protocol TCP -priority 103
add ns acl InboundSMTP4 ALLOW -srcIP = 10.xxx.xxx.162 -destIP = 10.xxx.xxx.135 -destPort = 25 -protocol TCP -priority 104
add ns acl InboundSMTP5 ALLOW -srcIP = 10.xxx.xxx.50 -destIP = 10.xxx.xxx.135 -destPort = 25 -protocol TCP -priority 105
#deny rest
add ns acl InboundSMTPSDeny DENY -destIP = 10.xxx.xxx.135 -destPort = 25 -protocol TCP -priority 300
#apply ACLs
apply ns acls
#save netscaler config
save ns config
 [facebook_like_button]

 

 

 

Views: 446

Jani Kohonen Visit Website
Jani Kohonen is an author of janikohonen.com and working as a Citrix Consultant and Architect with 17 years of experience in the IT industry. Jani's been working in the IT industry since 1997 and with Citrix technologies since 2001. He holds several years experience with Microsoft, Citrix, Apple, HP and VMware vendors as well as Server, Application and Desktop virtualization and Mobile technologies. He has done dozens of virtualization design and implementation projects from Small Business to the large global enterprise customers and complex environments. Jani is a Citrix, Microsoft, Apple and ITIL certified specialist. Certifications: MCP, MCSA, MCSE, MCTS, MCITP, HP ASP, HP ASC, HP CSA, HP AIS, HP ASE, VCSP, CCSP, CCA, CCAA, CCEA, CCEE, CCIA, CCP-M, CCE-V, APP, ACA, ACSP, ACTC, ITIL.
Related Posts
Citrix Acquires Sanbolic
XenMobile MDX Toolkit Documentation
XenMobile 10 – Configuration Series Part 3: Requesting an APNS Certificate

Leave Your Comment

Your Comment*

Your Name*
Your Webpage