[CentOS] How to handel smtp to public servers - done

Scott Silva

ssilva at sgvwater.com
Wed Jun 27 21:34:02 UTC 2012

on 6/27/2012 7:26 AM Götz Reinicke spake the following:
> Am 27.06.12 16:08, schrieb Tilman Schmidt:
>> Am 27.06.2012 11:15, schrieb Götz Reinicke:
>>> Am 27.06.12 10:29, schrieb Fajar Priyanto:
>>>> 1. Many malware have their own smtp and can send spam directly.
>>>> To overcome this, block port tcp 25 on your gateway, and only allow
>>>> your mailserver.
>>> Hi, thanks for your suggestion. But for the mentioned clients thats not
>>> possible. :/ [...]
>>> We do have about 100th of freelancers 'flying in and out' of our academy
>>> which we cant 'restrict' by forcing tham to change there clients settings.
>> Nobody *needs* port 25 from their client to a public server.
>> Port 25 is intended for forwarding mail from one server to the
>> next, not for submitting mail from a client to its server.
>> The standard port for sending mail from a client is 587, the
>> mail submission port. Using port 25 for that is arguably a
>> configuration error which should be corrected.
>> What's more, blocking outbound port 25 is generally recommended
>> practice and standard for many ISPs, so your freelancers will
>> often face the same restriction on their home LAN, Internet
>> cafe or wherever else they may want to write e-mails, adding
>> to their motivation to fix their configuration instead of
>> arguing with you.
> Hi,
> you dont know the resistant to advice of our users .... ;)
> Any kind of plea fails most time, and as long as a lot of ISP and
> Mail-Hosters still allow and offer port 25 in the docs it is hard to
> tell why our users should change because we'r faced with problems.
> Long story short: I advised the use of port 587 two hours ago.
> FYI since than I had 169 outgoing connections to port 20 and 1 to 587. :)
> 	cheers . Götz fighting spam and resistant to advice
Block port 25, and they will comply, or not send mail... People are resistant
to change, until they NEED to change...

More information about the CentOS mailing list