Outgoing SMTP Servers

Dave CROCKER dhc2 at dcrocker.net
Tue Oct 25 04:27:37 CDT 2011


On 10/25/2011 8:13 AM, William Herrin wrote:
> Blocking outbound TCP SYN packets on port 25 from non-servers is
> considered a BEST PRACTICE
...
> The SMTP submission port (TCP 587) is authenticated and should
> generally not be blocked.


    Email Submission Operations: Access and Accountability Requirements

    <http://www.ietf.org/rfc/rfc5068.txt>  IETF BCP

It does not explicitly support blocking outbound port 25, since that's 
controversial, but it /does/ require permitting outbound port 587.

d/


> Regards,
> Bill Herrin
>
>

-- 

   Dave Crocker
   Brandenburg InternetWorking
   bbiw.net



More information about the NANOG mailing list