North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: SMTP Port Blocking: Success or Failure?
Claydon, Tom wrote:
It depends on your customer base. For residential customers, filtering outbound port 25 is considered acceptable. For business customer, not so. In my case, I deal with the latter. It can be problematic, because business computers do become part of part of some spammer's botnet. That means in a given week I spend a few hours informing clients about infected machines, when I should be working on something more productive. Conversely, there are problems when clients send out spam through our legacy mail servers, particularly when those connections come through NAT'ed environments. If that NAT'ed network has hundreds of hosts behind it, it can be extremely difficult to get a client's support staff to even work on the problem, because I cannot provide them with the specific details they need to locate the problem machine (and most lack the skill or will to learn to use network analyzers like Ethereal to narrow the field within their network). Therefore, I've put together a new mail system that only allows SMTP relaying once they've been authenticated. That leads to more issues, particularly with devices like printers or outdated software which cannot properly do SMTP-Auth. But as long as the majority use SMTP-Auth, it becomes a lot easier to trace problems then now.
Stephen Fulton | We can be quick-witted
Systems Administrator | or very intelligent
Toronto, Canada | but not both.
http://www.esoteric.ca/ | -- Stephen Hawking.
We are considering filtering outbound SMTP traffic from our ISP