[unisog] Looking for sites that are redirecting SMTP requests

Thomas DuVally thomas_duvally at brown.edu
Tue May 13 13:48:47 GMT 2003

Is there any evidence that these compromised systems are even using
inbound port 25?  I've seen at least one case were a high-number port
was used inbound to the open-relay.  I agree with blocking 25 inbound,
but it may only be a short term fix.  And I doubt many institutions
really want  to block outbound 25.

On Mon, 2003-05-12 at 16:27, Paul Russell wrote:
> As a result of recent incidents in which student computers were hijacked to
> send spam through remote open relays, we have been asked to investigate the
> feasibility of redirecting all SMTP connection requests from student systems
> to our central mail servers. I have been asked to find out whether any other
> educational institutions are doing this.
Thomas DuVally
Lead Sys. Prog.
CIS, Brown Univ.

More information about the unisog mailing list