Why You Should Block Outgoing Port 25 (SMTP) On A Firewall
March 19th, 2010 adminOK, having written the last post on how to block port 25 on an ASA firewall, I thought I’d write a follow up post to explain why this is good procedure.
Port 25 if you’re not aware is the SMTP port used by mail servers to send email. The popular trend with viruses now are to install “zombie processes” on infected machines. These zombies are then used as spam mail servers – sending continuous streams of spam out to random addresses.
Not only is this going to slow down both your PC and your Internet connection – you’re also going to get detected as a spam sender and blocked! There are centrally maintained black lists of spam senders which hare used by popular anti-spam software vendors to determine if an sender is a know spammer. If your address reaches one of these black lists – you’ll find that around 80%-90% of email you send will now be blocked!
This is worse for larger businesses with many machines on a network. It only takes one machine to get infected – and your business email will be blocked!
So the first step is obviously to make sure you’re properly protected. However you may not have complete control over what gets plugged into the network? What if you have customers coming in who use your network?
Well the next step you can take is to block port 25 (SMTP) for all machines “except” your mail server. Most firewalls allow this, but the settings will be different for each one.
If you’re not sure how to configure this – contact info@scotiasystems.com and we’ll help you get protected.
