Sorry I missed the ! -( I am going to test it now on a 2850)

do you have any open ports?

I have tested it and when you try and press ok after entering a single IP with a ! in front of it is says "Please make sure the IP you input is valid"

Are you clicking on the Edit button on the end of Source, Destination and Service to put in your parameters? It puts the ! in for you if you select Invert selection, is that what you done?


the rule then works, I just tested from a few places

(this is blocking my ip only) Connecting To 81.138.201.98...Could not open connection to the host, on port 25:
Connect failed

but form other places the SMTP server responded ok


I could then flip the rule over and it blocked everything except my WAN IP

Yep that's right I click on Edit, change to Single Address, and then tick the Invert Selection.

I do have an Open port setup that takes the Port 25 to the Server IP (I read this is still required)

btw i'm using a 2830 - sorry didn't clock the original post was regarding a 2850

should still be the same, the one I tested on had a open port to a LAN IP for port 25 yes the rule still worked inverted and not inverted.

I take it you are trying to only allow your smart host (or what ever your MX is pointed too) to deliver mail to your domain?

Some thing must be missed, I can test in on a 2830 just incase if you like

sicon wrote:
I take it you are trying to only allow your smart host (or what ever your MX is pointed too) to deliver mail to your domain?
Some thing must be missed, I can test in on a 2830 just incase if you like

Yep that's right yes

I'm sure i must be missing something but can't for the life of me figuer it out

Can you give me a basic guide of network?

If the 2830 the router and firewall or is there anything in from of it?

Do you have any other rules in the Data filter?