Recently it has come to our attention that certain devices within the HICS network have been responsible for sending large amounts of email. This has resulted in one of the HICS public facing IP addresses being put on a well-respected email blacklist.
The implications of this mean that all sites within the network may potentially be prevented from accessing Internet based services even if the devices they use were not responsible for causing this. Obviously this is a grave concern. Updata have worked hard to analyse where this traffic is coming from but have not been able to identify anything.
With this mind, Updata are going to put some restrictions through on the firewall. They are going to block all outbound connection running over TCP port 25 that are not locked down to a destination IP address – I think the majority of these are legacy firewall rules copied over from when Virgin were the broadband provider. Most of the firewall rules for SMTP access is to Office365 and Google Apps, access will be left in place allowing communication to these providers (and the few other random ones in the list).
It may be that certain applications that are configured to use outbound SMTP access can be changed to run using ‘SMTP over TLS/SSL’ which runs on a different TCP Port (TCP 587 or TCP 465) and with authentication. However, the vendor of the software will be able to confirm this.
I am hoping related problems will kept to a minimum but let us know if you encounter any issues. If you do need SMTP access set up, please raise a request with the HICS support desk in the usual way, providing: the internal IP address(es) and destination IP address(es).