Outgoing SMTP Servers
Dave CROCKER
dhc2 at dcrocker.net
Tue Oct 25 09:27:37 UTC 2011
On 10/25/2011 8:13 AM, William Herrin wrote:
> Blocking outbound TCP SYN packets on port 25 from non-servers is
> considered a BEST PRACTICE
...
> The SMTP submission port (TCP 587) is authenticated and should
> generally not be blocked.
Email Submission Operations: Access and Accountability Requirements
<http://www.ietf.org/rfc/rfc5068.txt> IETF BCP
It does not explicitly support blocking outbound port 25, since that's
controversial, but it /does/ require permitting outbound port 587.
d/
> Regards,
> Bill Herrin
>
>
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
More information about the NANOG
mailing list