ESMTP - Why is Port 25 Blocked?

For several years now, senders of unsolicited bulk email have increasingly taken advantage of the large number of vulnerable systems available on the internet to generate bulk mailings. By sending the messages from hundreds or thousands of compromised hosts, the unscrupulous emailer hopes not only to mask their location, but also to thwart bulk email filters.

By blocking outbound packets on port 25/tcp, we limit the ability of compromised hosts on our network to send out unsolicited bulk email to other sites. While in most cases this does not directly benefit our department, as these hosts and others around the internet will still be able to send bulk email to our email server, restricting their ability to send to other sites is a small favor to the rest of the internet.

As of October 1, 2008, the Computer Science Department firewall blocks outbound packets on port 25/tcp for hosts not registered with us as having a legitimate need to send such packets. This may require that you reconfigure your email clients. In most cases, you should be able to change from port 25/tcp for your outbound (SMTP) server to port 587/tcp instead. Most major ISPs support this configuration, and in many cases it is preferred.

If you need help finding the specific setting to change, the OIT Helpdesk has published a document detailing how to make the change on several of the most popular email clients. You can find that document at:

http://helpdesk.princeton.edu/kb/display.plx?id=9787

Users of CS Department Email services can refer to CS Guide documentation for setting up their email clients for either IMAP or POP3.

Tags: