[CITL] Removal of SMTP authentication exemption for VPN users
Jonathan L Ocab
jonathan.ocab at ucr.edu
Fri Jul 28 15:54:22 PDT 2023
ISO Security Operations has asked the ISO Infrastructure (Email) team to remove the Exempt-from-SMTP-AUTH rule on the campus SMTP servers for Campus VPN users.
Currently, the campus SMTP servers allow anyone on the Campus VPN to send mail without authentication.
This type of exemption has use cases for systems in internal networks. However, this exemption is not best-practice for user networks, including VPN. Users sending email through an SMTP server should be authenticating to send mail.
Given that users should be using Google's SMTP or O365's SMTP through the IMAP/MAPI/Modern Authentication protocols and not our campus SMTP servers, this will have nearly zero impact on campus users.
If there are any concerns with this requested change, please let me or the Information Security Office know via email (infosecoffice at ucr.edu).
Thank you.
---
Jonathan Ocab | jonathan.ocab at ucr.edu<mailto:jonathan.ocab at ucr.edu>
Manager, Information Security Operations
Information Security Office
University of California, Riverside
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ucr.edu/pipermail/citl/attachments/20230728/da7abc5a/attachment.html>
More information about the CITL
mailing list