Anthony Hoppe skrev den 2019-03-22 18:23:
Not knowing the details of your environment...
Instead of taking on the job of filtering email for all of your
clients (this, to me, will open up a can of worms), why not set a
policy that port 25 is blocked by default and customers must request
for it to be unblocked?
dont relay mail from port 25, mails there is final recipient only, not
forwared
You can then build a list of who may be using your services to send
mail and better track if/when undesirable mail is sent from your
network?
ask custommers to use port 587 or 465 as common pratice
but do require sasl auth on this ports, reject all else
sadly i see mtas try to use 587, and 465, i like to know with book thay
read
