nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Outgoing SMTP Servers

From: William Herrin <bill () herrin us>
Date: Tue, 25 Oct 2011 02:13:19 -0400
On Tue, Oct 25, 2011 at 12:29 AM, Dennis Burgess
<dmburgess () linktechs net> wrote:

I am curious about what network operators are doing with outbound SMTP
traffic.  In the past few weeks we have ran into over 10 providers,
mostly local providers, which block outbound SMTP and require the users
to go THOUGH their mail servers even though those servers are not
responsible for the domains in question!  I know other mail servers are
blocking non-reversible mail, however, is this common?  And more
importantly, is this an acceptable practice?


Hi Dennis,

Blocking outbound TCP SYN packets on port 25 from non-servers is
considered a BEST PRACTICE to avoid being the source of snowshoe and
botnet spam. Blocking it from legitimate mail servers... does not make
sense.

The SMTP submission port (TCP 587) is authenticated and should
generally not be blocked.

Regards,
Bill Herrin


-- 
William D. Herrin ................ herrin () dirtside com  bill () herrin us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004
Previous By Date Next
Previous By Thread Next

Current thread: