Educause Security Discussion mailing list archives

Re: Outbound SMTP


From: Morrow Long <morrow.long () YALE EDU>
Date: Fri, 25 Apr 2008 09:30:54 -0400

We block all SMTP traffic inbound and outbound.

We did this a few years ago. We put in exceptions for all known legit mail servers on campus and created a website to request outbound and/or inbound SMTP exceptions by registering an email server.

Primarily we recommend that any group which needs to run their own email server work with ITS to set up MX records to relay inbound email through our mail relays and send outbound email through them as well.

TCP ports 465 and 587 are not blocked.

Morrow

H. Morrow Long
University Information Security Officer
Director -  Information Security Office




On Apr 25, 2008, at 9:13 AM, Jenkins, Matthew wrote:

I am curious how many other schools block outbound SMTP, and if so from which or all networks?

We currently still allow it; however, I see very few legit connections. Usually once a week I find another student who has become malware infected, and have to shut them off until they can prove their computer is clean (unfortunately we don’t have a true NAC as budget does not allow).

The biggest problem is wireless users. I can block MAC addresses, however this ends up taking a lot of time from start to finish (by the time I log in to WCS, push the policy to all the controllers, document it, notify our helpdesk team for the incoming phone call they will get, then all those steps in reverse when the computer is cleaned).

I have been considering approaching management to just block all port 25 traffic. My holdback is that I feel bad for anyone that has their own domain somewhere and sends mail through it. We do not allow students to relay SMTP mail through our mail servers.

Thoughts?  Thanks for your input,

Matt

Matthew Jenkins
Network/Server Administrator
Fairmont State University
Visit us online at www.fairmontstate.edu
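
The border policy described in this thread (port 25 blocked in both directions except for registered mail servers, ports 465 and 587 left open), as an added example that is not part of either post. It also counts blocked outbound attempts per host to surface machines worth checking for malware; the campus range, registered addresses, flow records and the three-destination threshold are constructed assumptions.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

CAMPUS = ip_network("10.20.0.0/16")            # constructed campus range
REGISTERED = {ip_address("10.20.1.25"),        # constructed: servers registered
              ip_address("10.20.1.26")}        # through the exception website
BLOCKED_PORTS = {25}                           # 465 and 587 are not blocked

# Constructed border flow records: (source, destination, TCP destination port)
FLOWS = [
    ("10.20.1.25", "192.0.2.10", 25),     # registered relay sending out
    ("203.0.113.5", "10.20.1.26", 25),    # inbound to a registered relay
    ("203.0.113.5", "10.20.77.4", 25),    # inbound to an unregistered host
    ("10.20.50.9", "198.51.100.7", 587),  # student submitting to own provider
    ("10.20.50.9", "198.51.100.7", 25),   # same student trying port 25
    ("10.20.60.3", "192.0.2.11", 25),     # one host, many MX targets
    ("10.20.60.3", "192.0.2.12", 25),
    ("10.20.60.3", "198.51.100.8", 25),
]

def decide(src, dst, dport):
    """Return 'allow' or 'block' for one TCP flow crossing the border."""
    if dport not in BLOCKED_PORTS:
        return "allow"
    s, d = ip_address(src), ip_address(dst)
    if s in CAMPUS and d not in CAMPUS:        # outbound SMTP
        return "allow" if s in REGISTERED else "block"
    if d in CAMPUS and s not in CAMPUS:        # inbound SMTP
        return "allow" if d in REGISTERED else "block"
    return "allow"                             # not a border crossing

def suspect_hosts(flows, min_destinations=3):
    """Campus hosts whose blocked port-25 attempts hit many distinct servers."""
    targets = defaultdict(set)
    for src, dst, dport in flows:
        if ip_address(src) in CAMPUS and decide(src, dst, dport) == "block":
            targets[src].add(dst)
    return sorted(h for h, t in targets.items() if len(t) >= min_destinations)

if __name__ == "__main__":
    for flow in FLOWS:
        print(decide(*flow), flow)
    print("check for malware:", suspect_hosts(FLOWS))
```
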

