On our default recieve connector someone has set it to allow recieve from email range 0.0.0.0-255.255.255.255.
This is not ideal so i want to create a recieve connector to add certain ip's to as a 'relay' connector.
So my question, how can i log the IP addresses of machines which are currently sending mail through the default connector?? I can then add these to the new relay comnnector and remove the range from the default connector.
run wireshark on the mail server and set the filter to something like
ip.dst == 10.10.10.10 && tcp.port ==25
obviously change the ip to the mail server's ip address.
bear in mind you could drop the connections at the firewall rather than the smtp receiver if you want, if you drop it at the firewall the sender won't know why might be what you want.
Last edited by ConradJones; 1st June 2013 at 12:58 PM.
There are currently 1 users browsing this thread. (0 members and 1 guests)