Educause Security Discussion mailing list archives
Re: Port 25 blocking
From: Michael_Maloney <Michael_Maloney () MIDDLESEXCC EDU>
Date: Fri, 5 Mar 2004 14:59:16 -0500
We started blocking all in/outbound Port 25 except to the authorized SMTP servers about 4-5 months ago for a couple of reasons. One was to help prevent our domain from being tagged as a "spam-domain" by one of the blocking lists. By only allowing Port 25 outbound from our authorized servers, we stopped departments who wanted to buy a mass-mailer program and do their own mass mailings, to prevent a student from being paid by a spammer to plug in a USB drive that had a spammer program on it that would send out spam while he's in class, and another reason was to help prevent a rogue box on the network from being turned into a spam zombie (ie like some of the email worms have done). Another was to help prevent the email worms from replicating themselves outside our network. We also require authentication to send SMTP thru our server within our doain, or the mail must originate from a IP address we allow. So far the only complaints have been from faculty who wanted to use our email server to send mail with. Once we pointed them at their home ISP's mail servers, everything was fine. Mike ******************************************** Mike Maloney Sr. System Engineer Middlesex County College 2600 Woodbridge Avenue Edison, NJ 08818 Phone: 732-906-7754 Cell: 908-217-2086 Fax: 732-906-4266 Email: Michael_Maloney () middlesexcc edu ******************************************** -----Original Message----- From: Tim Boshart [mailto:timsb () GOSHEN EDU] Sent: Friday, March 05, 2004 2:11 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Port 25 blocking Our department has started to discuss blocking port 25 at our firewall for all machines except for our mail servers. How many places are doing this? Why did you implement this? -- Tim S. Boshart Information Technology Services Goshen College Voice: (574) 535-7004 Email: timsb () goshen edu http://timlinux.goshen.edu/ ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- Port 25 blocking Tim Boshart (Mar 05)
- <Possible follow-ups>
- Re: Port 25 blocking Michael Halm (Mar 05)
- Re: Port 25 blocking Gary Flynn (Mar 05)
- Re: Port 25 blocking Michael_Maloney (Mar 05)
- Re: Port 25 blocking Clyde Hoadley (Mar 05)
- Re: Port 25 blocking Clyde Hoadley (Mar 05)
- Re: Port 25 blocking Douglas Burke (Mar 05)
- Re: Port 25 blocking Matthew Keller (Mar 05)
- Re: Port 25 blocking Sean Lanham (Mar 05)
- Re: Port 25 blocking Charlie Prothero (Mar 06)