On Nov 27, 2016, at 16.15, li...@lazygranch.com wrote:
>
> I hate to bug the list for what is probably a dumb question, but is there any
> situation where an unauthorized user needs to connect to port 587? I'm
> wondering if there is some oddball "edge" case.

well, i suppose it would depend upon what your definition of "unauthorized" actually is, but making some assumptions, the short answer is likely no. since you refer below to blocking troublemakers, presumably we're talking about the internet, rather than an internal or such network where there might be the occasional device which cannot perform smtp auth, encryption, etc., and for which an exception might be necessary [for those edge cases, i use check_client_access and a cidr map].

> My thought is to use my ipfw table of known trouble makers to block 587.

honestly, i'm not sure i'd bother. it may be fine, but it's also one more thing to include risk for a false positive.