Educause Security Discussion mailing list archives

Re: Blocking port 25 outbound

From: Orlando Richards <orlando.richards () ED AC UK>
Date: Tue, 23 Aug 2005 14:56:45 +0100

I can see why ISPs would do that (commercial site) but I can't see a good 
reason for a university to do that. Why not train your sysadmins how to 
configure an email server correctly or provide some tools to do so?

 
Part of the problem is that much of the spam is caused by viruses and bots
running their own SMTP engines and sending out emails themselves. Such
infestations are rarely administered by the university sysadmins. This is
precisely the reason we also blocked outbound port 25 traffic except from
our mail server. We also monitor the mail server for any more intelligent
malware that relays through the user-configured SMTP server.

--
Orlando.

Current thread:

Re: Blocking port 25 outbound, (continued)
- Re: Blocking port 25 outbound Information Security (Aug 22)
- Re: Blocking port 25 outbound Trevor J Corbett (Aug 22)
- Re: Blocking port 25 outbound Christopher E. Cramer (Aug 22)
- Re: Blocking port 25 outbound Jason Richardson (Aug 22)
- Re: Blocking port 25 outbound Scott Genung (Aug 22)
- Re: Blocking port 25 outbound Matthew Keller (Aug 22)
- Re: Blocking port 25 outbound Information Security (Aug 22)
- Re: Blocking port 25 outbound Michael Sinatra (Aug 22)
- Re: Blocking port 25 outbound John Kristoff (Aug 22)
- Re: Blocking port 25 outbound Chris Steele (Aug 22)
- Re: Blocking port 25 outbound Orlando Richards (Aug 23)
- Re: Blocking port 25 outbound Paul Russell (Aug 23)
- Re: Blocking port 25 outbound Kenneth G. Arnold (Aug 23)