Am 27.06.12 16:08, schrieb Tilman Schmidt:
> Am 27.06.2012 11:15, schrieb Götz Reinicke:
>> Am 27.06.12 10:29, schrieb Fajar Priyanto:
>>> 1. Many malware have their own smtp and can send spam directly.
>>> To overcome this, block port tcp 25 on your gateway, and only allow
>>> your mailserver.
>> Hi, thanks for your suggestion. But for the mentioned clients thats not
>> possible. :/ [...]
>> We do have about 100th of freelancers 'flying in and out' of our academy
>> which we cant 'restrict' by forcing tham to change there clients settings.
> Nobody *needs* port 25 from their client to a public server.
> Port 25 is intended for forwarding mail from one server to the
> next, not for submitting mail from a client to its server.
> The standard port for sending mail from a client is 587, the
> mail submission port. Using port 25 for that is arguably a
> configuration error which should be corrected.
> What's more, blocking outbound port 25 is generally recommended
> practice and standard for many ISPs, so your freelancers will
> often face the same restriction on their home LAN, Internet
> cafe or wherever else they may want to write e-mails, adding
> to their motivation to fix their configuration instead of
> arguing with you.
you dont know the resistant to advice of our users ....
Any kind of plea fails most time, and as long as a lot of ISP and
Mail-Hosters still allow and offer port 25 in the docs it is hard to
tell why our users should change because we'r faced with problems.
Long story short: I advised the use of port 587 two hours ago.
FYI since than I had 169 outgoing connections to port 20 and 1 to 587.
cheers . Götz fighting spam and resistant to advice
Tel. +49 7141 969 82 420
Fax +49 7141 969 55 420
Filmakademie Baden-Württemberg GmbH
Eintragung Amtsgericht Stuttgart HRB 205016
Vorsitzender des Aufsichtsrats:
Jürgen Walter MdL
Staatssekretär im Ministerium für Wissenschaft,
Forschung und Kunst Baden-Württemberg
Prof. Thomas Schadt
CentOS mailing list