Solved

Will blcok port 25 really help to stop spam?

Posted on 2010-11-13
7
586 Views
Last Modified: 2012-05-10
Wondering if block port 25 will really help to stop spam? As far as I know, if i setup the restriction on firewall, inside my network, all clients only able to communicate with my own mail server, and any other on the internet. But wondering if virus not able to send spam using my mail server?

And how usually virus send out spam on client machine? does it use telnet and the client machine act itself as a mail server and send out spam?
0
Comment
Question by:okamon
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 350 total points
ID: 34128081
If you block outbound port 25 for all client IP's but not your server IP, you are helping yourself because any infected client can use it's own SMTP engine to simply push out spam and get you blacklisted.

Some viruses will send out mail via Outlook direct to the server for the server to send out, but these are not as common.

The most common type of problem is a hacker brute force guessing a username / password on your server and using your server to spew forth spam.

Please have a read of my blog about this:

http://alanhardisty.wordpress.com/2010/09/28/increase-in-frequency-of-security-alerts-on-servers-from-hackers-trying-brute-force-password-programs/
0
 

Author Comment

by:okamon
ID: 34129053
>If you block outbound port 25 for all client IP's but not your server IP, you are helping yourself because any infected client can use it's own SMTP engine to simply push out spam and get you blacklisted.

I am using windows 7, but I don't see the smtp service ..... ?
and the 2 method you mentioned above are sending through my smtp server, so in this case blocking the port will not help.Does virus also use telnet to send out spam?
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 34129069
Windows 7 doesn't have an SMTP service - your Exchange Server has an SMTP service.

If you get a virus, it may have it's own built-in SMTP service (engine) that you won't know about and the virus will use that to send out emails, hence blocking all internal IP addresses on the router from being able to send out traffic on TCP Port 25 (SMTP), will help stop spam.

A virus won't use Telnet, or at least if it does, it will still be using TCP Port 25 (SMTP) to send out mail.
0
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 

Author Comment

by:okamon
ID: 34131403
> Windows 7 doesn't have an SMTP service - your Exchange Server has an SMTP service.

so how my email client send out email to my mail server?
0
 
LVL 76

Assisted Solution

by:Alan Hardisty
Alan Hardisty earned 350 total points
ID: 34131599
If you install email software such as Outlook and configure that to use SMTP / POP3, then of course it will have an SMTP service installed.  If you configure it to use Exchange, then it won't use SMTP to send mail.

You were talking about Windows 7 and that does not have an SMTP service on it's own.  Windows Mail which is included with Windows 7 does have an SMTP service built in to that.

If you get a virus, then the virus does not know whether you will have an SMTP service available so it will most likely have its own SMTP service written into the virus.

Blocking port 25 for all IP's apart from your mail server is a sensible anti-spam precaution because most viruses will try to send out mail directly (they haven't got a clue that you will have an Exchange server available) so if you leave the port open for all PC's to use, then a virus will be freely able to send spam out.  If it is blocked, if you get a virus, then it won't be able to send the mail out.
0
 

Author Comment

by:okamon
ID: 34131760
> If you install email software such as Outlook and configure that to use SMTP / POP3, then of course it will have an SMTP service installed.

Thank you again. I have outlook installed on both xp and windows 7, but I don't see smtp service in windows services... is it built-in in outlook?
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 34131884
You won't see a specific SMTP service.  It is built-in to Outlook.
0

Featured Post

[Webinar] How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
This article will help to fix the below errors for MS Exchange Server 2013 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question