Re: Blocking port 25 outbound

[Jason Richardson <A00JER2 () WPO CSO NIU EDU>]

We're doing the same, since last year.  The list of "approved" e-mail
servers is longer than I like but it's a lot better than leaving
outgoing SMTP wide open.



---
Jason Richardson
Manager, IT Security and Client Development
Enterprise Systems Support
Northern Illinois University

> > > lmoisa () MEMPHIS EDU 8/22/2005 2:58 PM >>>
We have done this two years ago. We have access lists on the core
switches, letting only a few "official" mail servers to send mail in
Internet.

First two weeks were harder, until all the Campus knew that they had
to
use only known mail servers.



It was a good opportunity to find computers that had their "own SMTP
engine" - infected with different viruses/worms that wanted to
propagate
further.



Liliana Moisa

Network Security Specialist

University of Memphis

901 678 3001





________________________________

From: Lazor, Joseph [mailto:JLazor () ADMIN FSU EDU]
Sent: Monday, August 22, 2005 2:30 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Blocking port 25 outbound



Hello out there,



We are considering blocking all port 25 traffic outbound.  We have
noted
various ISP's and others moving to block port 25 outbound to reduce
"spamming".  We wish to be good "netizens"

Have any of you done this already and what has been the push back of
issues related to implementation on your campus?



Regards,



Joseph A. Lazor

Florida Sate University