Restrict SMTP for localhost only

email smtp windows-server-2008-r2

How can we restrict SMTP service to be used on localhost only?

Our websites are using localhost SMTP but we do not want any mail clients to use our server on SMTP port.

Our server is Windows Server 2008 R2 and using Mail Enabled Professional Edition V1.

Thanks.

Best Answer

My advice, especially for SMTP, is to protect yourself with as many layers of security as possible, especially if you have other people with admin access to the server, turning things like firewalls on and off... Here's how I'd do it:

  1. Firewall - make sure only 127.0.0.1 gets to talk to port 25 on your server. Reject all other connections.
  2. Set up the SMTP service to only listen for connections on 127.0.0.1. By default it's configured to listen on 0.0.0.0, which means any IP, including the public one. Even if the firewall fails or gets disabled, external clients won't be able to talk to the SMTP service on your server, because it will be "deaf" to them.
  3. Set up a relay restriction allowing only local clients (i.e. 127.0.0.1) to relay mail through the server. Even if somehow the above 2 measures fail, external clients will only be allowed to send mail to the server's local domain. Attempts by external clients to send mail (relay access) to external domains will be denied by the SMTP server.

Here's a guide on how to actually do steps 2 and 3. #2 above is shown in step 12 of the guide, and #3 above is shown in steps 13 and 15 of the guide.

Why have these 3 layers? Short answer: minimize risk of security incidents and other undesirable issues. Long answer:

  1. From a security standpoint, have things as locked down as possible. Access needs to be granted on a need-to-have basis - this is a universal best practice that has saved my behind many times.
  2. Even if someone else with admin access starts making changes on the machine (e.g. turns off the firewall), even by accident/unintentionally, you can sleep easier knowing that there are 2 other safeguards in place.
  3. When someone with admin access starts making changes to the server config, they would have to be quite deliberate in changing both the firewall settings (or disabling it) as well as SMTP service settings, so short of sabotage, or (hopefully) an approved, documented change request, the chance of making all 3 changes is pretty slim.

I hope this helps! Good luck and take care!
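An added example, not part of the original answer: a small audit for layer 2 that parses `netstat -an` output and reports any port 25 listener bound to something other than loopback (the `0.0.0.0` default the answer mentions, or its IPv6 equivalent `::`). The sample output is constructed, the function names are hypothetical, and English-locale netstat column text is assumed.

```python
import ipaddress
import re
import subprocess

# Constructed sample of Windows `netstat -an` output (not from a real host).
SAMPLE = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:25             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
  TCP    127.0.0.1:25           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:25           127.0.0.1:49201        ESTABLISHED
  TCP    [::]:25                [::]:0                 LISTENING
  TCP    [::1]:25               [::]:0                 LISTENING
"""

# Only TCP rows in LISTENING state; captures local address and local port.
LINE = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+\S+\s+LISTENING\s*$")


def smtp_listeners(netstat_text, port=25):
    """Return the local addresses that have a TCP listener on `port`."""
    found = []
    for line in netstat_text.splitlines():
        m = LINE.match(line)
        if m and int(m.group(2)) == port:
            # Drop IPv6 brackets and any %scope suffix before parsing.
            addr = m.group(1).strip("[]").split("%")[0]
            found.append(ipaddress.ip_address(addr))
    return found


def exposed_listeners(netstat_text, port=25):
    """Listeners reachable from other hosts: anything that is not loopback.

    0.0.0.0 and :: are wildcard binds and therefore count as exposed.
    """
    return [str(a) for a in smtp_listeners(netstat_text, port) if not a.is_loopback]


if __name__ == "__main__":
    # On the server itself, audit the live socket table instead of SAMPLE.
    live = subprocess.run(["netstat", "-an"], capture_output=True, text=True).stdout
    bad = exposed_listeners(live)
    print("port 25 exposed on:", ", ".join(bad) if bad else "nothing (loopback only)")
```

Run on a schedule, this catches the case where the binding is reset to the default while the firewall still hides the problem.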
