Thank you, Wietse:
This means that client systems are compromised with malware
that sends email directly to the outside world, bypassing
your mail server.
To stop these, block outbound port 25 on your firewall for all
systems except your mail server.
Wietse
Is it safe to assume that all legitimate email services, like
Outlook.com for example, are going to be using a submission service and
not sending directly over port 25, and that blocking port 25 on outgoing
connections will not interfere with normal email delivery?
--
Asai
