Educause Security Discussion mailing list archives

Re: Port 25 blocking

From: Michael_Maloney <Michael_Maloney () MIDDLESEXCC EDU>
Date: Fri, 5 Mar 2004 14:59:16 -0500

We started blocking all in/outbound Port 25 except to the  authorized SMTP
servers about 4-5 months ago for a couple of reasons.

One was to help prevent our domain from being tagged as a "spam-domain" by
one of the blocking lists.  By only allowing Port 25 outbound from our
authorized servers, we stopped departments who wanted to buy a mass-mailer
program and do their own mass mailings, to prevent a student from being paid
by a spammer to plug in a USB drive that had a spammer program on it that
would send out spam while he's in class,  and another reason was to help
prevent a rogue box on the network from being turned into a spam zombie (ie
like some of the email worms have done).

Another was to help prevent the email worms from replicating themselves
outside our network.

We also require authentication to send SMTP thru our server within our
doain, or the mail must originate from a IP address we allow.

So far the only complaints have been from faculty who wanted to use our
email server to send mail with.  Once we pointed them at their home ISP's
mail servers, everything was fine.

Mike

********************************************
Mike Maloney
Sr. System Engineer
Middlesex County College
2600 Woodbridge Avenue
Edison, NJ 08818
Phone: 732-906-7754
Cell: 908-217-2086
Fax: 732-906-4266
Email: Michael_Maloney () middlesexcc edu
********************************************
-----Original Message-----
From: Tim Boshart [mailto:timsb () GOSHEN EDU]
Sent: Friday, March 05, 2004 2:11 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Port 25 blocking

Our department has started to discuss blocking port 25 at our firewall for
all machines except for our mail servers. How many places are doing this?
Why did you implement this?
--
Tim S. Boshart             Information Technology Services
Goshen College             Voice: (574) 535-7004
Email: timsb () goshen edu    http://timlinux.goshen.edu/

**********
Participation and subscription information for this EDUCAUSE Discussion
Group discussion list can be found at http://www.educause.edu/cg/.

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.

Current thread:

Port 25 blocking Tim Boshart (Mar 05)
- <Possible follow-ups>
- Re: Port 25 blocking Michael Halm (Mar 05)
- Re: Port 25 blocking Gary Flynn (Mar 05)
- Re: Port 25 blocking Michael_Maloney (Mar 05)
- Re: Port 25 blocking Clyde Hoadley (Mar 05)
- Re: Port 25 blocking Clyde Hoadley (Mar 05)
- Re: Port 25 blocking Douglas Burke (Mar 05)
- Re: Port 25 blocking Matthew Keller (Mar 05)
- Re: Port 25 blocking Sean Lanham (Mar 05)
- Re: Port 25 blocking Charlie Prothero (Mar 06)