Educause Security Discussion mailing list archives
Re: Outbound SMTP
From: Tim Cantin <tcantin () WELLESLEY EDU>
Date: Mon, 28 Apr 2008 10:12:54 -0400
Joe St Sauver [joe () oregon uoregon edu] wrote:
1) Even if you block port 25 traffic, the host is still infested
...
5) Blocking port 25 (only) is a point solution to a more general problem
All excellent points, Joe! But I don't think anyone specifically said that was ALL they were doing; I certainly didn't. :) I agree that there must be other systems in place for checking desktops and identifying nastiness on your networks. Fwiw, port 25 is the only outbound traffic we block. This "cough syrup" helps to limit the symptoms while the cause is properly identified and addressed. When administered correctly it controls the effects of the problem so as to not annoy others as much. Blocking port 25 in our situation seemed like the polite thing to do for the rest of the Internet who was occasionally getting flooded with spam from infected hosts within our network. Hosts still get infected here, sure, though not nearly as often now that we have a NAC setup which is enforcing the mandatory use of anti-virus software and Windows updates. -Tim --- Tim Cantin, Senior Network Engineer Wellesley College, IS/Technology Infrastructure Group 223 Simpson Hall East, 106 Central Street Wellesley, Massachusetts 02481-8203 http://www.wellesley.edu/~tcantin/ phone: (781)283-3520 fax: (781)283-3682
Current thread:
- Re: Outbound SMTP, (continued)
- Re: Outbound SMTP Michael Sinatra (Apr 25)
- Re: Outbound SMTP Joel Rosenblatt (Apr 25)
- Re: Outbound SMTP Basgen, Brian (Apr 25)
- Re: Outbound SMTP Jason S. Cash (Apr 25)
- Re: Outbound SMTP Michael Sinatra (Apr 25)
- Re: Outbound SMTP Michael Sinatra (Apr 25)
- Re: Outbound SMTP Joe St Sauver (Apr 25)
- Re: Outbound SMTP Scholz, Greg (Apr 25)
- Re: Outbound SMTP Halliday,Paul (Apr 25)
- Re: Outbound SMTP John Kristoff (Apr 28)
- Re: Outbound SMTP Tim Cantin (Apr 28)
- Re: Outbound SMTP Mike Porter (Apr 28)
- Re: Outbound SMTP Valdis Kletnieks (May 05)