Am 27.06.12 16:08, schrieb Tilman Schmidt:
Am 27.06.2012 11:15, schrieb Götz Reinicke:
Am 27.06.12 10:29, schrieb Fajar Priyanto:
- Many malware have their own smtp and can send spam directly.
To overcome this, block port tcp 25 on your gateway, and only allow your mailserver.
Hi, thanks for your suggestion. But for the mentioned clients thats not possible. :/ [...] We do have about 100th of freelancers 'flying in and out' of our academy which we cant 'restrict' by forcing tham to change there clients settings.
Nobody *needs* port 25 from their client to a public server. Port 25 is intended for forwarding mail from one server to the next, not for submitting mail from a client to its server. The standard port for sending mail from a client is 587, the mail submission port. Using port 25 for that is arguably a configuration error which should be corrected.
What's more, blocking outbound port 25 is generally recommended practice and standard for many ISPs, so your freelancers will often face the same restriction on their home LAN, Internet cafe or wherever else they may want to write e-mails, adding to their motivation to fix their configuration instead of arguing with you.
Hi,
you dont know the resistant to advice of our users .... ;)
Any kind of plea fails most time, and as long as a lot of ISP and Mail-Hosters still allow and offer port 25 in the docs it is hard to tell why our users should change because we'r faced with problems.
Long story short: I advised the use of port 587 two hours ago.
FYI since than I had 169 outgoing connections to port 20 and 1 to 587. :)
cheers . Götz fighting spam and resistant to advice