Outgoing SMTP Servers

William Herrin bill at herrin.us
Tue Oct 25 06:13:19 UTC 2011

On Tue, Oct 25, 2011 at 12:29 AM, Dennis Burgess
<dmburgess at linktechs.net> wrote:
> I am curious about what network operators are doing with outbound SMTP
> traffic.  In the past few weeks we have ran into over 10 providers,
> mostly local providers, which block outbound SMTP and require the users
> to go THOUGH their mail servers even though those servers are not
> responsible for the domains in question!  I know other mail servers are
> blocking non-reversible mail, however, is this common?  And more
> importantly, is this an acceptable practice?

Hi Dennis,

Blocking outbound TCP SYN packets on port 25 from non-servers is
considered a BEST PRACTICE to avoid being the source of snowshoe and
botnet spam. Blocking it from legitimate mail servers... does not make

The SMTP submission port (TCP 587) is authenticated and should
generally not be blocked.

Bill Herrin

William D. Herrin ................ herrin at dirtside.com  bill at herrin.us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004

More information about the NANOG mailing list