Hey folks, I havent posted here in quite a while, but have run into something that someone probably knows off the top....
After months of begging and pleading with numerous ISP's and Mass email marketers (read: SPAMMERS), to be removed from their spam lists (of course to no avail). We have succumbed to filtering SMTP from the following netblocks: access-list acl_out deny tcp 64.37.114.64 255.255.255.224 any eq smtp access-list acl_out deny tcp 64.37.121.128 255.255.255.224 any eq smtp access-list acl_out deny tcp 65.161.31.128 255.255.255.128 any eq smtp access-list acl_out deny tcp 128.121.0.0 255.255.0.0 any eq smtp access-list acl_out deny tcp 161.58.0.0 255.255.0.0 any eq smtp (many more are to follow, this is only the beginning) My question is this: As filters go, I seem to remember having to remove my blanket Allow statement (access-list acl_out permit tcp any host my.mail.srvr.ip.addr eq smtp) and then add it back in AFTER I've added all the deny statements. Because if not the blanket allow statement would supercede any deny statements which followed. Or has the PIX code gotten more intuitive? TIA! Marc _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
