Educause Security Discussion mailing list archives
Re: Blocking port 25 outbound
From: Information Security <infosecurity () UTPA EDU>
Date: Mon, 22 Aug 2005 15:27:09 -0500
Michael Halm wrote:
We don't exactly block port 25. We have a list of authorized mail servers. If any other host sends on port 25, the traffic is forwarded to our box and an e-mail is sent to the sender explaining the procedure to get their mail server authorized. Our NOC is notified and we sniff to see if the mail is spam. Then we track down and contact the owner of the box. We made an initial effort to identify all our smtp servers before we went live. Once we added the few we missed this system has made our lives a lot easier. And we are better netizens as well.
How do you do the forwarding? I'ld like to do that. Is it possible with just a plain Cisco router? (We tried this two years back with our lightspeed device, but it was too buggy - the final packet of every TCP connection never got ACK'd and the entire exchange would re-send, overflowing our mail queues :-( Didn't know enough about how to use the Cisco to do it instead. ) Graham
Current thread:
- Blocking port 25 outbound Lazor, Joseph (Aug 22)
- <Possible follow-ups>
- Re: Blocking port 25 outbound Aaron Childs (Aug 22)
- Re: Blocking port 25 outbound Liliana Moisa (Aug 22)
- Re: Blocking port 25 outbound Randy Marchany (Aug 22)
- Re: Blocking port 25 outbound CHARLES MORROW-JONES (Aug 22)
- Re: Blocking port 25 outbound Michael Grinnell (Aug 22)
- Re: Blocking port 25 outbound Information Security (Aug 22)
- Re: Blocking port 25 outbound Michael Halm (Aug 22)
- Re: Blocking port 25 outbound Joe St Sauver (Aug 22)
- Re: Blocking port 25 outbound Information Security (Aug 22)
- Re: Blocking port 25 outbound Information Security (Aug 22)
- Re: Blocking port 25 outbound Trevor J Corbett (Aug 22)
- Re: Blocking port 25 outbound Christopher E. Cramer (Aug 22)
- Re: Blocking port 25 outbound Jason Richardson (Aug 22)
- Re: Blocking port 25 outbound Scott Genung (Aug 22)
- Re: Blocking port 25 outbound Matthew Keller (Aug 22)
- Re: Blocking port 25 outbound Information Security (Aug 22)
- Re: Blocking port 25 outbound Michael Sinatra (Aug 22)
- Re: Blocking port 25 outbound John Kristoff (Aug 22)
- Re: Blocking port 25 outbound Chris Steele (Aug 22)
- Re: Blocking port 25 outbound Orlando Richards (Aug 23)
(Thread continues...)