Security Basics mailing list archives
RE: SMTP behind NAT
From: <Michael.Randazzo () energyfutureholdings com>
Date: Fri, 1 May 2009 09:57:57 -0500
Viruses that spread via e-mail used to rely on the infected machine's default mail gateway to propagate messages. As e-mail server creators and administrators have improved security, malware authors have changed tactics and often simply create their own mini e-mail servers on infected machines to distribute messages. In a corporate network environment, it should be fairly easy to identify the authorized e-mail servers. To protect your network from rogue mail servers spreading viruses, you should block outbound traffic on TCP port 25, the default SMTP port, except from the known SMTP gateways at the router level. Mike -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Georg Pichler Sent: Sunday, April 26, 2009 2:59 PM To: security-basics () securityfocus com Subject: SMTP behind NAT Hi Guys. I'm currently in a nat environment, where outbound connections to smtp and smtps are blocked by a firewall. You are therefore forced (unless using vpn or something alike) to send mail via a local smtp server. I was wondering whether there is any sense in blocking these connections. What does the administrator gain by forcing everybody to a local open smtp server? Can you avoid being put on some kind of blacklist by these means? I would very much appreciate an answer. Thanks in advance. Best regards, Georg Pichler Confidentiality Notice: This email message, including any attachments, contains or may contain confidential information intended only for the addressee. If you are not an intended recipient of this message, be advised that any reading, dissemination, forwarding, printing, copying or other use of this message or its attachments is strictly prohibited. If you have received this message in error, please notify the sender immediately by reply message and delete this email message and any attachments from your system. ------------------------------------------------------------------------ This list is sponsored by: InfoSec Institute Learn all of the latest penetration testing techniques in InfoSec Institute's Ethical Hacking class. Totally hands-on course with evening Capture The Flag (CTF) exercises, Certified Ethical Hacker and Certified Penetration Tester exams, taught by an expert with years of real pen testing experience. http://www.infosecinstitute.com/courses/ethical_hacking_training.html ------------------------------------------------------------------------
Current thread:
- SMTP behind NAT Georg Pichler (May 01)
- RE: SMTP behind NAT Michael.Randazzo (May 01)
- Re: SMTP behind NAT Laurens Vets (May 01)
- Message not available
- Re: SMTP behind NAT Georg Pichler (May 04)
- Re: SMTP behind NAT Aaron Howell (May 04)
- RE: SMTP behind NAT Murda Mcloud (May 05)
- Re: SMTP behind NAT Georg Pichler (May 06)
- RE: SMTP behind NAT Murda Mcloud (May 06)
- RE: SMTP behind NAT David Gillett (May 07)
- RE: SMTP behind NAT Murda Mcloud (May 07)
- RE: SMTP behind NAT Tariq Naik (May 08)
- Re: SMTP behind NAT bartlettNSF (May 11)
- Re: SMTP behind NAT Georg Pichler (May 04)