Educause Security Discussion mailing list archives

Re: Port 25 blocks

From: Gary Dobbins <dobbins () ND EDU>
Date: Wed, 12 Jan 2005 16:29:43 -0500

Jim Barlow wrote:

Our site currently blocks port 25 inbound to all hosts except our mail

...


So we are wondering if anyone else currently blocks port 25 outbound
and what they did to solve some of these problems.


We do block 25 both ways, with the outbound block recently introduced.

Only registered MTAs (beyond the central one) may emit SMTP to off-campus
hosts.  Our postmaster manages that list, and ensures that all permitted
MTAs are compliant with local standards of configuration.

We didn't encounter a large number of users requiring SMTP to off-campus.
Users who depended on external email tended to be using web interfaces.
e.g. Hotmail

The SMTP block has been a boon toward reducing the malignant/spam SMTP from
infected/comp'd machines.

--

  ------------------------------------------------------------
  Gary Dobbins, CISSP -- Director, Information Security
  University of Notre Dame, Office of Information Technologies

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/groups/.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Current thread:

Port 25 blocks Jim Barlow (Jan 12)
- <Possible follow-ups>
- Re: Port 25 blocks Justin Azoff (Jan 12)
- Re: Port 25 blocks Gary Dobbins (Jan 12)
- Re: Port 25 blocks Rob Tanner (Jan 12)
- Re: Port 25 blocks Dave Koontz (Jan 12)
- Re: Port 25 blocks Jon Mitchiner (Jan 12)
- Re: Port 25 blocks Chris Edwards (Jan 12)