Educause Security Discussion mailing list archives
Re: Outbound SMTP
From: "Jenkins, Matthew" <matthew.jenkins () FAIRMONTSTATE EDU>
Date: Fri, 25 Apr 2008 11:39:08 -0400
We are currently rate limiting SMTP traffic way down (as low as the Packeteer would allow) for non-servers. We found this helped, but has definitely has not stopped the issue. Mobile users were definitely a thought in my mind. I use IPAudit to log connections over time and going back I can't see where there have been but a handful of what appear to be legit connections. However, I suppose that depends on the number of users in the institution. Matt Matthew Jenkins Network/Server Administrator Fairmont State University Visit us online at www.fairmontstate.edu <http://www.fairmontstate.edu/> From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Jeff Kell Sent: Friday, April 25, 2008 11:12 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Outbound SMTP Kreider, Randall G wrote: Blocking SMTP outbound would break anyone that has their machine configured to route mail through an external SMTP server. The response that talks about relaying is not saying anything glamorous about capturing and rerouting traffic. They were simply saying that they allow students to directly submit SMTP mail to their servers and then relay it out for them. We already do that. Our recommended configuration for POP or IMAP is to use smtp.etown.edu as the designated SMTP server. We rate limit SMTP outbound from anything other than our official gateways. This seems like a working compromise after having numerous complaints from laptop users that had their agents setup to use their "home" services. We don't limit mail submission (587) or secure SMTP (465). Jeff
Current thread:
- Re: Outbound SMTP, (continued)
- Re: Outbound SMTP Gary Flynn (Apr 25)
- Re: Outbound SMTP Childs, Aaron (Apr 25)
- Re: Outbound SMTP Kreider, Randall G (Apr 25)
- Re: Outbound SMTP Barros, Jacob (Apr 25)
- Re: Outbound SMTP Kreider, Randall G (Apr 25)
- Re: Outbound SMTP Kreider, Randall G (Apr 25)
- Re: Outbound SMTP Jeff Kell (Apr 25)
- Re: Outbound SMTP Joe St Sauver (Apr 25)
- Re: Outbound SMTP Jenkins, Matthew (Apr 25)
- Re: Outbound SMTP Tim Cantin (Apr 25)
- Re: Outbound SMTP Jenkins, Matthew (Apr 25)
- Re: Outbound SMTP Joey Rego (Apr 25)
- Re: Outbound SMTP Jeff Kell (Apr 25)
- Re: Outbound SMTP Joe St Sauver (Apr 25)
- Re: Outbound SMTP Basgen, Brian (Apr 25)
- Re: Outbound SMTP Michael Van Norman (Apr 25)
- Re: Outbound SMTP Stephen John Smoogen (Apr 25)
- Re: Outbound SMTP Deke Kassabian (Apr 25)
- Re: Outbound SMTP David Lundy (Apr 25)
- Re: Outbound SMTP Jenkins, Matthew (Apr 25)
- Re: Outbound SMTP Roger Safian (Apr 25)
(Thread continues...)