I want to make it clear... I don't mind people filtering either 25 or 587, but, blocking both is highly unacceptable.
I can't see any operational reason to block 587.
Even more unacceptable in my opinion is hijacking connections to either off to your own man-in-the-middle attack server.
We had a client whose RFP vanished into thin air because of that-- he sent it from a hotel that practiced port 25 hijacking and had had their IP blacklisted for spewing much spam and viruses. So our server rejected the message, and when it tried to send the NDN to him *his* server rejected the NDN for the same reason. Fortunately he called the next day with some details he'd omitted.... I recommended he go back with an army of Huns and raze the hotel, but he settled for a nasty letter and using 587/TLS in future. -- Dave Pooser, ACSA Manager of Information Services Alford Media http://www.alfordmedia.com