8
Do not allow SMTP AUTH on port 25
Idea shared by Douglas Foster - 9/10/2020 at 11:38 AM
Proposed
I am sure that this was discussed previously, but I cannot find the discussion now.   I think it was at the end of a discussion about something else.

My incoming gateway is only intended for inbound traffic from the Internet, so it only has port 25 open, and it is only intended for unauthenticated SMTP.   I see evidence of servers trying to log in.   I don't think they will successfully guess the account used for the placeholder domain on my incoming gateway, but I would rather not take the risk.

We should be able to disable any/all authentication attempts on port 25. 

Reply to Thread