February 2, 2004

&%£$%^^%$@ IT Support

We're based in a research park, and so we piggy-back on the UEA network for our external connectivity. For the most part, this works just fine for us - JANET is a pretty good network, a lot of our customers are based in academic institutions, it's cheaper than paying the BT Broadband tax and it's a devil we know well, having been consumers of the service for 11 years now in one form or another.

Every now and then, however, UEA ITCS do something so incredibly, unbelievably stupid or annoying that it's simply breathtaking in magnitude. Like, say, today. Today we are unable to send emails via our server.

We don't bother with the local institutional mail server, since we figure it's fairer for us to use our own resources. It also means we can use additional security features like sending mail over a secure connection. As an added bonus, we can use this configuration from just about anywhere, so we almost never need to tweak our mail client settings.

It transpires that UEA's swift and assertive response to the MyDoom virus was to block port 25 on their routers. This means that email can only be sent through their SMTP server. Unfortunately, they neglected to tell anyone.

In fairness, apparently over half the campus is currently infected with the virus, so this is probably a kindness to the outside world. But you'd think that significant modifications to external connectivity might warrant some kind of warning, wouldn't you?

So - if you're wondering why you don't hear anything from me today, it's because I can't safely and securely send emails :-(

Update: I was talking to Paul in the pub last night, and he said that blocking port 25 is actually a recommended procedure from the AntiVirus vendors. I didn't believe it, but it looks like it's true. Symantec say: "disable or block access to those services". Urgh. You know, their advice would be so much more credible if my inbox wasn't filled with AntiVirus messages that don't have uniform subject lines or additional headers to allow me to ignore them. AV vendors are a significant part of the problem.

Meanwhile, daemon_smtp_port is my friend. I'm running a second copy of exim on a different port, to get round UEA's dumb restriction on port 25. Still don't think I should have to do this though. And how long will it be before viruses run portscans to find open SMTP servers? Fix the problem. Educate users into not opening attachments, or better yet, dump Windows.

Posted by savs at February 2, 2004 3:10 PM