25 Oct
2011
25 Oct
'11
5:27 a.m.
On 10/25/2011 8:13 AM, William Herrin wrote:
Blocking outbound TCP SYN packets on port 25 from non-servers is considered a BEST PRACTICE ... The SMTP submission port (TCP 587) is authenticated and should generally not be blocked.
Email Submission Operations: Access and Accountability Requirements <http://www.ietf.org/rfc/rfc5068.txt> IETF BCP It does not explicitly support blocking outbound port 25, since that's controversial, but it /does/ require permitting outbound port 587. d/
Regards, Bill Herrin
-- Dave Crocker Brandenburg InternetWorking bbiw.net