Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 594
  • Last Modified:

Will blcok port 25 really help to stop spam?

Wondering if block port 25 will really help to stop spam? As far as I know, if i setup the restriction on firewall, inside my network, all clients only able to communicate with my own mail server, and any other on the internet. But wondering if virus not able to send spam using my mail server?

And how usually virus send out spam on client machine? does it use telnet and the client machine act itself as a mail server and send out spam?
0
okamon
Asked:
okamon
  • 4
  • 3
2 Solutions
 
Alan HardistyCo-OwnerCommented:
If you block outbound port 25 for all client IP's but not your server IP, you are helping yourself because any infected client can use it's own SMTP engine to simply push out spam and get you blacklisted.

Some viruses will send out mail via Outlook direct to the server for the server to send out, but these are not as common.

The most common type of problem is a hacker brute force guessing a username / password on your server and using your server to spew forth spam.

Please have a read of my blog about this:

http://alanhardisty.wordpress.com/2010/09/28/increase-in-frequency-of-security-alerts-on-servers-from-hackers-trying-brute-force-password-programs/
0
 
okamonAuthor Commented:
>If you block outbound port 25 for all client IP's but not your server IP, you are helping yourself because any infected client can use it's own SMTP engine to simply push out spam and get you blacklisted.

I am using windows 7, but I don't see the smtp service ..... ?
and the 2 method you mentioned above are sending through my smtp server, so in this case blocking the port will not help.Does virus also use telnet to send out spam?
0
 
Alan HardistyCo-OwnerCommented:
Windows 7 doesn't have an SMTP service - your Exchange Server has an SMTP service.

If you get a virus, it may have it's own built-in SMTP service (engine) that you won't know about and the virus will use that to send out emails, hence blocking all internal IP addresses on the router from being able to send out traffic on TCP Port 25 (SMTP), will help stop spam.

A virus won't use Telnet, or at least if it does, it will still be using TCP Port 25 (SMTP) to send out mail.
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
okamonAuthor Commented:
> Windows 7 doesn't have an SMTP service - your Exchange Server has an SMTP service.

so how my email client send out email to my mail server?
0
 
Alan HardistyCo-OwnerCommented:
If you install email software such as Outlook and configure that to use SMTP / POP3, then of course it will have an SMTP service installed.  If you configure it to use Exchange, then it won't use SMTP to send mail.

You were talking about Windows 7 and that does not have an SMTP service on it's own.  Windows Mail which is included with Windows 7 does have an SMTP service built in to that.

If you get a virus, then the virus does not know whether you will have an SMTP service available so it will most likely have its own SMTP service written into the virus.

Blocking port 25 for all IP's apart from your mail server is a sensible anti-spam precaution because most viruses will try to send out mail directly (they haven't got a clue that you will have an Exchange server available) so if you leave the port open for all PC's to use, then a virus will be freely able to send spam out.  If it is blocked, if you get a virus, then it won't be able to send the mail out.
0
 
okamonAuthor Commented:
> If you install email software such as Outlook and configure that to use SMTP / POP3, then of course it will have an SMTP service installed.

Thank you again. I have outlook installed on both xp and windows 7, but I don't see smtp service in windows services... is it built-in in outlook?
0
 
Alan HardistyCo-OwnerCommented:
You won't see a specific SMTP service.  It is built-in to Outlook.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now