Educause Security Discussion mailing list archives
Re: Outbound SMTP
From: "Halliday,Paul" <Paul.Halliday () NSCC CA>
Date: Fri, 25 Apr 2008 10:49:07 -0300
We have it blocked - no exceptions. It is blocked by local AV and at the core FW. It is far too easy to abuse and not just from a malware perspective. Further, with the advent of "send mail as" on almost every mail.xyz.com I wouldn't lose too much sleep over your one-off users. Paul Halliday NSCC | Network Security Analyst Tel 902.565.9057 | Fax 902.563.0511 1240 Grand Lake Rd., Sydney, NS B1P 6J7 http://www.nscc.ca <mailto:donnie.macneil () nscc ca> From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Jenkins, Matthew Sent: Friday, April 25, 2008 10:14 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Outbound SMTP I am curious how many other schools block outbound SMTP, and if so from which or all networks? We currently still allow it; however, I see very few legit connections. Usually once a week I find another student who has become malware infected, and have to shut them off until they can prove their computer is clean (unfortunately we don't have a true NAC as budget does not allow). The biggest problem is wireless users. I can block MAC addresses, however this ends up taking a lot of time from start to finish (by the time I login to WCS, push the policy to all the controllers, document it, notify our helpdesk team for the incoming phone call they will get, then all those steps in reverse when the computer is cleaned). I have been considering approaching management to just block all port 25 traffic. My holdback is that I feel bad for anyone that has their own domain somewhere and sends mail through it. We do not allow students to relay SMTP mail through our mail servers. Thoughts? Thanks for your input, Matt Matthew Jenkins Network/Server Administrator Fairmont State University Visit us online at www.fairmontstate.edu <http://www.fairmontstate.edu/>
Current thread:
- Outbound SMTP Jenkins, Matthew (Apr 25)
- <Possible follow-ups>
- Re: Outbound SMTP Di Fabio, Andrea (Apr 25)
- Re: Outbound SMTP Babb, Robert (Apr 25)
- Re: Outbound SMTP Dan Oachs (Apr 25)
- Re: Outbound SMTP Morrow Long (Apr 25)
- Re: Outbound SMTP Tim Cantin (Apr 25)
- Re: Outbound SMTP Kenneth Arnold (Apr 25)
- Re: Outbound SMTP Halliday,Paul (Apr 25)
- Re: Outbound SMTP Gary Flynn (Apr 25)
- Re: Outbound SMTP Childs, Aaron (Apr 25)
- Re: Outbound SMTP Kreider, Randall G (Apr 25)
- Re: Outbound SMTP Barros, Jacob (Apr 25)
- Re: Outbound SMTP Kreider, Randall G (Apr 25)
- Re: Outbound SMTP Kreider, Randall G (Apr 25)
- Re: Outbound SMTP Jeff Kell (Apr 25)
- Re: Outbound SMTP Joe St Sauver (Apr 25)
- Re: Outbound SMTP Jenkins, Matthew (Apr 25)
- Re: Outbound SMTP Tim Cantin (Apr 25)
(Thread continues...)