Mailinglist Archive: opensuse (911 mails)

< Previous Next >
Re: [opensuse] Have I been hacked or "visited"? seccheck and rkhunter outputs
On 12/24/2015 12:28 PM, Greg Freemyer wrote:
On Thu, Dec 24, 2015 at 3:11 PM, John Andersen <jsamyth@xxxxxxxxx> wrote:

I egress filter email ports, and a few similar things at the firewall, but
when your
users are talking to big-mailers (google, yahoo, microsoft) it becomes
almost impossible
to keep a list of valid destinations up to date. Connection addresses end
up being pools
any you never know what IP the next connection is going to.

Lots of places simply don't let "workstations" make outbound
connections to random SMTP servers.

Verizon for one doesn't allow port 25 traffic in either direction for
home users.

I don't know if most companies allow random outbound POP/IMAP connections.

I can imagine that a lot of companies block those too. Users are
forced to use the corporate email server.

Greg Freemyer

Agreed, those port 25 egress attempts are easy to block.
But with Google using and others requiring (or strongly encouraging)
secure connections (smtp = 465, pop3S = 995 ImapS = 993) you have
other things to block, which are much harder).

For those users that use Gmail/Yahoo/Hotmail, I'd rather have them using
a MUA than using a browser, as I think its a bit more secure.
But maybe that's just me.

After all is said and done, more is said than done.
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups