29 Nov
2017
29 Nov
'17
3:38 p.m.
On Wed, Nov 29, 2017 at 12:17:57PM -0800, Michael Thomas wrote:
The real problem with large enterprise that we found, however, is that it was really hard to track down every 25 year old 386 sitting in dusty corners that was sending mail directly instead of through corpro servers to make certain that everything was signed that should be signed. Maybe that's gotten better in the last 15 years, but I'm not too hopeful.
15 years ago we blocked outbound port 25 except from our campus mail servers. That should be SOP by now. It is fairly easy to look at firewall logs to find these.