[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Asrg] 7.b. Mail administrators

To: asrg@ietf.org
Subject: [Asrg] 7.b. Mail administrators
From: Hein Roehrig <hein@acm.org>
Date: Fri, 12 Sep 2003 22:44:58 +0200
Cancel-lock: sha1:xE713IDIF/VxEqlSuYEI5o9ja70=
List-archive: <https://www1.ietf.org/mail-archive/working-groups/asrg/>
List-help: <mailto:asrg-request@ietf.org?subject=help>
List-id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-post: <mailto:asrg@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=unsubscribe>
Sender: asrg-admin@ietf.org
User-agent: Gnus/5.1002 (Gnus v5.10.2) Emacs/21.3 (gnu/linux)

I have a question about best practices regarding egress filtering on
organizational networks.

Port 25 makes sense to prevent "owned" machines from being used as
relays.

What about the other ports? I would be particularly curious about BCP
for ports 465 (ssmtp, SSL-wrapped SMTP) and 587 (submission, often
used for plain-text SMTP with an immediate STARTTLS required).

Can a case be made for spam reduction by blocking the ports for
outgoing connections? Are there many systems around that accept
incoming mail on these ports?

Of course, in an open environment there are significant advantages to
leave those ports open for roaming users and guests to connect to
their "home" mail servers for outgoing mail.

TIA,
Hein

-- 
http://hein.roehrig.name


_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

Follow-Ups:
- Re: [Asrg] 7.b. Mail administrators
  - From: Brad Knowles

Prev by Date: Re: [Asrg] 2a. Analysis - Developer Perspective
Next by Date: Re: [Asrg] 2a. Analysis - Developer Perspective
Previous by thread: [Asrg] 0. General - EU Workshop on Spam
Next by thread: Re: [Asrg] 7.b. Mail administrators
Index(es):
- Date
- Thread