opening ports 110 and 25 in proxy server

In our LAN environment users are given internet access through Proxy server.We get request from users to open the ports POP3 110 and SMTP 25 in the proxy server.Is there any risk by opening this ports in proxy server?Pl suggest
Who is Participating?
drpoppersConnect With a Mentor Commented:
I'd be slightly concerned about opening port 25, if for some reason you get a virus infection that turns a pc into a spambot, it will send out on port 25, now you should pick this up from the proxy logs that it's suddenly getting a huge amount of traffic on this port and be able to locate the issue.

The other thing is do you want people being able to send/receive email from their desktops? I've worked for companies where this is banned and only work email can be used, depends how harsh your IT policies are.
Hi megavannan,

No, there is no security risks as only mail will be allowed through these 2 ports. You can open them and not worry about security issues.

I'd agree with drpoppers - are you running a local mail server on the network (ie. exchange)?  If you are running a mail server off site, then best practice would be to permit traffic between the client machines and the remote mail server only.  That also prevents users from sending mail via personal mail accounts from the office.

There are always risks by opening up additional ports, especially commonly know ports.

You'll have to weigh the consequences of opening additional ports.

Do these ports need to be opened for official use? (coorporate email etc...) if so, then you'll have to open the ports and deal with the additional security issues. For example you should have an IDS and content filter.

If these requests are for non-official purposes, like sending their own personal mail, I see no reason why you should entertain those requests. As you said, they already have internet access, they can just use web mail.

Hope that helps.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.