List of CASG IP Addresses or CIDR Range

Wonder if anyone has a definitive CIDR or list of valid CASG IP addresses to aid in further locking down ones internal mailserver, thus preventing CASG being bypassed.

Thanks

Matt

Hi Matt,

For incoming mail use mxpool1.spamgateway.comodo.com [178.33.199.69] & mxpool2.spamgateway.comodo.com[178.33.199.65].
For outgoing (addresses that go in the smarthost configuration on the mail server) = as above.
Your firewall should allow incoming traffic from outbound.antispamgateway.comodo.com [178.33.199.67].

All good?

Kind regards,
Michel.

Might be just a tad too inclusive, but I translated the above to 178.33.199.64/29 so I’d only have to create one rule (and if they added another host in that range I wouldn’t have to go change it).

Can do that too, a tad liberal for my paranoid mind but the choice is yours :slight_smile:

Regards,
Michel.

A /29 is 8 addresses (6 if you don’t count “network” and “broadcast”). It’s the smallest possible network block that can contain addresses ending in .65 through .69.

In any case, specifying the /29 only leaves unanswered the question of what is running at 178.33.199.64, .66, .68, .70 and .71. Since these addresses belong to Comodo, I wouldn’t expect them to be anything malicious. MichelB could of course clear up any confusion by telling us what the current or planned usage of those addresses is. :slight_smile:

No I wouldn’t, I’m far too secretive…

:slight_smile: