Security Basics mailing list archives

Re: SMTP behind NAT


From: Aaron Howell <aaron_howell () ngenuity-is com>
Date: Mon, 04 May 2009 11:08:35 -0700

Georg Pichler wrote:
> It would be convenient if I could send my mail directly - encrypted of
> course - via a mailserver of my choice.

 Convenient for you, or convenient for whomever is in control of the
network where you spend most of your free time?

> Apart from load balancing, what is the benefit of blocking this traffic? Mail
> servers on the web have to decide which mail to block and which one to let
> through anyway, don't they? If I force all mail through my smtp server, don't
> I just make their problem my problem?

 Load balancing really has very little to do with why people block port
25. The more common problem is PCs infected with some sort of malware
trying to send spam or replicate their malware infections. By blocking
port 25 they limit the avenues of attack, somewhat, making it easier to
keep an eye on traffic. Egress filtering is the network admin's friend!

 Also, if I force most mail exiting my network through a single source,
I can apply whatever content filtering I want to. This can be useful in
blocking attachments, filtering blatant spam, etc. Certainly other mail
servers make decisions regarding what to accept and what to reject, but
if I can limit the garbage leaving my network, they don't have to work
quite as hard.

> Best Regards,
> Georg

Hope this was helpful,

-- 
Aaron Howell
nGenuity Information Services
509-396-2075 x6000

http://www.ngenuity-is.com
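
The egress-filtering point in the message above, as an added example that is not part of the original post: once direct outbound port 25 is blocked and logged at the gateway, the log itself shows which internal hosts tried to bypass the relay. The relay address, the `EGRESS25:` log prefix, the sample lines and the `min_dests` threshold are all assumptions constructed for this sketch.

```python
import re
from collections import defaultdict

RELAY_IP = "10.0.0.25"  # assumption: the only host allowed to send to tcp/25

# Constructed, abbreviated lines in the style of Linux netfilter LOG output.
# "EGRESS25:" is a hypothetical log prefix chosen for this example.
SAMPLE_LOG = """\
May  4 11:01:02 gw kernel: EGRESS25: IN=eth1 OUT=eth0 SRC=10.0.0.57 DST=192.0.2.10 PROTO=TCP SPT=49152 DPT=25
May  4 11:01:02 gw kernel: EGRESS25: IN=eth1 OUT=eth0 SRC=10.0.0.57 DST=198.51.100.7 PROTO=TCP SPT=49153 DPT=25
May  4 11:01:03 gw kernel: EGRESS25: IN=eth1 OUT=eth0 SRC=10.0.0.57 DST=203.0.113.99 PROTO=TCP SPT=49154 DPT=25
May  4 11:01:03 gw kernel: EGRESS25: IN=eth1 OUT=eth0 SRC=10.0.0.57 DST=192.0.2.44 PROTO=TCP SPT=49155 DPT=25
May  4 11:02:10 gw kernel: EGRESS25: IN=eth1 OUT=eth0 SRC=10.0.0.12 DST=198.51.100.7 PROTO=TCP SPT=50211 DPT=25
May  4 11:02:11 gw kernel: EGRESS25: IN=eth1 OUT=eth0 SRC=10.0.0.25 DST=192.0.2.10 PROTO=TCP SPT=40100 DPT=25
May  4 11:02:12 gw kernel: EGRESS25: IN=eth1 OUT=eth0 SRC=10.0.0.12 DST=192.0.2.80 PROTO=TCP SPT=50212 DPT=443
"""

FIELD = re.compile(r"\b([A-Z]+)=(\S+)")  # KEY=value pairs in a LOG line


def direct_smtp_attempts(log_text, relay=RELAY_IP):
    """Map each non-relay source to (attempts, distinct destinations) on tcp/25."""
    count = defaultdict(int)
    dests = defaultdict(set)
    for line in log_text.splitlines():
        f = dict(FIELD.findall(line))
        if f.get("PROTO") != "TCP" or f.get("DPT") != "25":
            continue  # not an SMTP connection attempt
        src, dst = f.get("SRC"), f.get("DST")
        if not src or not dst or src == relay:
            continue  # malformed line, or the sanctioned relay doing its job
        count[src] += 1
        dests[src].add(dst)
    return {s: (count[s], len(dests[s])) for s in count}


def suspects(log_text, min_dests=3, relay=RELAY_IP):
    """Sources trying many distinct mail servers directly: more likely
    spam-sending malware than one misconfigured mail client."""
    stats = direct_smtp_attempts(log_text, relay)
    return sorted(s for s, (_, n) in stats.items() if n >= min_dests)


if __name__ == "__main__":
    for src, (n, d) in sorted(direct_smtp_attempts(SAMPLE_LOG).items()):
        print(f"{src}: {n} direct tcp/25 attempts to {d} destinations")
    print("investigate:", suspects(SAMPLE_LOG))
```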
