Re: Outbound SMTP

["Babb, Robert" <babbr () UNION EDU>]

We block all outbound SMTP except for authorized campus mail servers.


Thank You,

Robert Babb
Network Manager
Information Technology Services
Union College



From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Jenkins, 
Matthew
Sent: Friday, April 25, 2008 9:14 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Outbound SMTP

I am curious how many other schools block outbound SMTP, and if so from which or all networks?

We currently still allow it; however, I see very few legit connections.  Usually once a week I find another student who 
has become malware infected, and have to  shut them off until they can prove their computer is clean (unfortunately we 
don't have a true NAC as budget does not allow).

The biggest problem is wireless users.  I can block MAC addresses, however this ends up taking a lot of time from start 
to finish (by the time I login to WCS, push the policy to all the controllers, document it, notify our helpdesk team 
for the incoming phone call they will get, then all those steps in reverse when the computer is cleaned).

I have been considering approaching management to just block all port 25 traffic.  My holdback is that I feel bad for 
anyone that has their own domain somewhere and sends mail through it.  We do not allow students to relay SMTP mail 
through our mail servers.

Thoughts?  Thanks for your input,

Matt

Matthew Jenkins
Network/Server Administrator
Fairmont State University
Visit us online at www.fairmontstate.edu<http://www.fairmontstate.edu/>