Re: Outbound SMTP

["Childs, Aaron" <aaron () WSC MA EDU>]

We block all SMTP traffic except for our SMTP gateways at the firewall.
All student computers from our residential network (if they use POP or
IMAP) must authenticate with our SMTP gateways to send email.

 

Aaron

 

-------------
Aaron Childs
Assistant Director, Networking
Westfield State College
http://www.wsc.ma.edu/it/

 

"I would rather write 10,000 notes than one letter of the alphabet."  
                -- Beethoven

 

From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Jenkins, Matthew
Sent: Friday, April 25, 2008 9:14 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Outbound SMTP

 

I am curious how many other schools block outbound SMTP, and if so from
which or all networks?

 

We currently still allow it; however, I see very few legit connections.
Usually once a week I find another student who has become malware
infected, and have to  shut them off until they can prove their computer
is clean (unfortunately we don't have a true NAC as budget does not
allow).

 

The biggest problem is wireless users.  I can block MAC addresses,
however this ends up taking a lot of time from start to finish (by the
time I login to WCS, push the policy to all the controllers, document
it, notify our helpdesk team for the incoming phone call they will get,
then all those steps in reverse when the computer is cleaned).

 

I have been considering approaching management to just block all port 25
traffic.  My holdback is that I feel bad for anyone that has their own
domain somewhere and sends mail through it.  We do not allow students to
relay SMTP mail through our mail servers.

 

Thoughts?  Thanks for your input,

 

Matt

 

Matthew Jenkins
Network/Server Administrator
Fairmont State University
Visit us online at www.fairmontstate.edu <http://www.fairmontstate.edu/>