Blocking port/25 is a common practice (!= best practice) for home users/consumers because it makes life a bit simpler in educating the end user.
ripe-409 gives some what glimpse of best-practice, not sure how many implements it that way. Regards, Aftab A. Siddiqui On Tue, Oct 25, 2011 at 2:35 PM, Owen DeLong <o...@delong.com> wrote: > > On Oct 24, 2011, at 10:27 PM, Mikael Abrahamsson wrote: > > > On Mon, 24 Oct 2011, Dennis Burgess wrote: > > > >> I am curious about what network operators are doing with outbound SMTP > >> traffic. > > > > Block all TCP/25 and require users to use submit with authentication on > TCP/587. > > > > If they are using someone else's mail server for outbound, how, exactly do > you control > whether or not they use AUTH in the process? > > Further, if you make them use AUTH somehow, but, you don't force TLS, then, > you are > doing more harm than good IMHO. > > Owen > > >
