Results 1 to 5 of 5
  1. #1
    Master Untangler
    Join Date
    Sep 2016
    Posts
    130

    Default Limit internet but no email

    Hi and happy new year !!

    I need to block internet for a computer in the network but the same computer is allowed to use email (that customer is using an external exchange server).
    How can I do that ??
    I tried by creating some rule but I m not going anywhere...
    That Untangle is fully licensed (full package)

    Thanks !!

  2. #2
    Untanglit
    Join Date
    Dec 2017
    Posts
    25

    Default

    I'm new to Untangle but I believe the best way (I could be totally wrong) would be to go into Policy Manager, create a policy called "Email Only", Assign the machine/user to that Policy. Then through rules limit the traffic. You could probably just install the firewall app and allow outbound to port 25 for SMTP to the specific IP of your exchange server and block everything else.

    Or you could use Application Control and block all applications except SMTP.

  3. #3
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Lake Tahoe
    Posts
    9,655

    Default

    Port 25 is only for delivery to email servers. If the user is retrieving email, they will need ports 993 or 995 for IMAP or POP3. Also 587 or 465 for outgoing SMTP TLS.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  4. #4
    Master Untangler
    Join Date
    Sep 2016
    Posts
    130

    Default

    thanks guys, I ll give it a try.

    on a side note: I subscribed to get an email every time someone replies to the thread, but I didn't got anything (nor in spam/junk)

  5. #5
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,490

    Default

    External exchange means Outlook, Outlook uses TCP 443 to connect to the Exchange server... which means if you want to wall off the world but allow connectivity to Office 365, GOOD LUCK.

    If they have their own exchange, then you can simply use a policy to push that user into a rack with every web filter category blocked, and stuff in a bypass rule for everything destined to the Exchange server's IP address.

    Beware, that'll nuke Windows update too. I think there's a category for that, but it's midnight and my brain isn't working all that well.
    Last edited by sky-knight; 01-03-2018 at 11:46 PM.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2