Educause Security Discussion mailing list archives
Re: Blocking port 25 outbound
From: Information Security <infosecurity () UTPA EDU>
Date: Mon, 22 Aug 2005 15:05:56 -0500
Lazor, Joseph wrote:
Hello out there, We are considering blocking all port 25 traffic outbound. We have noted various ISP's and others moving to block port 25 outbound to reduce "spamming". We wish to be good "netizens" Have any of you done this already and what has been the push back of issues related to implementation on your campus?
no pushback, wish we'd done it years ago. What was harder to organise was blocking incoming port 25 except to supported mail servers. We're doing that one at the end of this month in fact. you'ld have thought that would have been the easier one to arrange... You do need to set up a sniffer and monitor for *attempted* outbound port 25 connections. Almost always is an indication of a virus. Very occasionally it's a student suckered into a 'spammer for hire' scheme. Only a few will be misconfigured road-warrior portables trying to send to their own ISPs. Hopefully as time goes on, those machines will be configured to use the alternative ports which the authenticated SMTP connections prefer. No point in monitoring for *incoming* port 25 attempts, you'd spend the rest of your life following them up. Spammer bots scan your IP range all the damn time looking for badly configured machines to relay through. Graham
Current thread:
- Blocking port 25 outbound Lazor, Joseph (Aug 22)
- <Possible follow-ups>
- Re: Blocking port 25 outbound Aaron Childs (Aug 22)
- Re: Blocking port 25 outbound Liliana Moisa (Aug 22)
- Re: Blocking port 25 outbound Randy Marchany (Aug 22)
- Re: Blocking port 25 outbound CHARLES MORROW-JONES (Aug 22)
- Re: Blocking port 25 outbound Michael Grinnell (Aug 22)
- Re: Blocking port 25 outbound Information Security (Aug 22)
- Re: Blocking port 25 outbound Michael Halm (Aug 22)
- Re: Blocking port 25 outbound Joe St Sauver (Aug 22)
- Re: Blocking port 25 outbound Information Security (Aug 22)
- Re: Blocking port 25 outbound Information Security (Aug 22)
- Re: Blocking port 25 outbound Trevor J Corbett (Aug 22)
- Re: Blocking port 25 outbound Christopher E. Cramer (Aug 22)
- Re: Blocking port 25 outbound Jason Richardson (Aug 22)
- Re: Blocking port 25 outbound Scott Genung (Aug 22)
- Re: Blocking port 25 outbound Matthew Keller (Aug 22)
- Re: Blocking port 25 outbound Information Security (Aug 22)
(Thread continues...)