Menu
Reply
Lordspongy
  • 7
  • 0
  • 4
Tuning in
1,071 Views
Message 1 of 8
Flag for a moderator

Blocking port 25

Good morning all

I have recently had issues with my IP being blacklisted several times resulting in me not being able to send email via Microsoft Outlook for Mac.

I have been in contact with an extremely helpful gentleman at Spamhaus who informed me that I quite possibly and inadvertently inherited a spambot !!

I have spent hours searching through my system and feel I may have found the problem on my wife's Android mobile, this being a ringtone that was downloaded directly from a website at around the time that my blacklisting issues started......This ringtone took quite some time to 'kill' but it's now gone and my IP has been released......however the guy at Spamhaus strongly suggests that I block port 25 (outgoing) in order to, as far as possible, avoid future issues.

My question is, and I'm sorry it taken this long to get around to it.....can I block port 25....should I and how the heck do I do it... if it is indeed the right thing to do ??

Cheers all

Bob......

0 Kudos
Reply
jem101
  • 1.72K
  • 238
  • 803
Very Insightful Person
Very Insightful Person
1,047 Views
Message 2 of 8
Flag for a moderator
Helpful Answer

Re: Blocking port 25

In principle blocking outbound port 25 traffic is a reasonable idea but firstly you can't, at least not with the VM Hubs, you would need your own router with more sophisticated traffic management abilities, and secondly without the Spamhaus problems would you have ever known about the malicious software on your wife's phone? What else might it be doing along with sending out spam messages?

HowardML
  • 12.33K
  • 1.44K
  • 41
Superuser Emeritus
Superuser Emeritus
1,044 Views
Message 3 of 8
Flag for a moderator
Helpful Answer

Re: Blocking port 25

No you can't block it. Port 25 is an incoming port on VM's mail servers and VM leave it open so users of their legacy e-mail settings (which are legion) can still send e-mail. But a more subtle answer is that you are looking at this thing from the wrong angle. Spam bots send spam via port 25 on other mail servers. So to achieve what you want would be practically impossible. Do you want to block 25 all over the internet for every mail server? That way lies chaos and madness.


I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

Lordspongy
  • 7
  • 0
  • 4
Tuning in
1,035 Views
Message 4 of 8
Flag for a moderator

Re: Blocking port 25

Wooooo.... chaos and madness would have been quite a challenge back in my old college days but I'm afraid to say that nowadays I'm much more 'pipe and slippers'.
As a person who is not at all insightful when it comes to things with wires in, I really do appreciate your feedback.

Bob........
Lordspongy
  • 7
  • 0
  • 4
Tuning in
1,027 Views
Message 5 of 8
Flag for a moderator

Re: Blocking port 25

Thanks Jem, I'm frightened to think what else her phone might be doing.....maybe my best option would be to confiscate it and accept the inevitable beating !!
In suggesting that I block port 25, I'm wondering if the chap from Spamhaus thinks that I am on a company network rather than a 'stand alone' PC.....I'll have to ask.
Again many thanks

Bob.......
0 Kudos
Reply
用心棒
  • 5.96K
  • 670
  • 2.06K
Very Insightful Person
Very Insightful Person
1,012 Views
Message 6 of 8
Flag for a moderator

Re: Blocking port 25

Blocking outgoing traffic over port 25 is sensible advice applicable to both consumer and business alike; better still block everything and then decide what to allow through to better secure your network. Were you to go down the route of using your own hardware device to provide the firewall functionality required then it would likely also provide the reporting functionality to alert you to events like outgoing traffic over port 25.

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more
Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

0 Kudos
Reply
ravenstar68
  • 19.4K
  • 1.14K
  • 8.47K
Very Insightful Person
Very Insightful Person
979 Views
Message 7 of 8
Flag for a moderator
Helpful Answer

Re: Blocking port 25

My personal thought is that while blocking port 25 sounds reasonable, it's not necessarily the best approach to take.

Certainly most email providers don't use port 25 for email submission anymore, the majority using Port 587 StartTLS or port 465 SSL.  There are however a few holdouts, one surprising one being PlusNet 😗, so providing you are not using one of those providers and your email settings are up to date, blocking port 25 is not an issue.

HOWEVER

While doing so may mean that the malware cannot send mail.  It also means that unless you are looking at the logs to spot blocked traffic, you might end up with malware on your network that you are unaware of.  Bear in mind as well that the malware can still talk to it's C&C server and who knows what else it might be doing.

As has also been said, most routers provided by ISP's (including VM) aren't sophistcated in this regard.

Tim

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

Lordspongy
  • 7
  • 0
  • 4
Tuning in
972 Views
Message 8 of 8
Flag for a moderator

Re: Blocking port 25

Hi Tim

Many thanks for your kind reply...everyone in the community has been so helpful. My efforts so far in stopping my blacklisting seem to have worked as for the first time in a good few weeks I have not been blacklisted a few days after a Spanhaus removal (if that makes sense !) so outgoing mail is working from my Outlook for mac. With so many port 25 can do's and can't do's flying about, and me with minimal knowledge, I feel that I should abandon any thoughts of blocking anything at all, and keep well away from anything with the number 25 in it ........I don't usually give up so easily as I'm a very inquisitive sort of person, but I'm going to hand this round to the 'devil in the box' ! 

Best wishes

Bob.......