By Cassandra Van Buren
Release date: June 27, 2018
On September 5, 2018, SMTP port 25 in/out will be blocked at campus border firewalls. This change is being implemented as part of the Information Security Office's ongoing efforts to maintain and improve information security for the University of Utah community. This change was presented in the March 2018 IT Professionals Forum meeting, reviewed by the U’s Architecture and New Technology Committee on April 23, 2018, and reviewed and approved by the U’s Strategic Information Technology Committee on May 15, 2018.
People who have been identified as a point of contact (POC) for one or more University of Utah servers/clients using SMTP port 25 to send email will soon receive targeted communications from UIT. Messges to POCs will include information about steps they should take prior to September 5 in order to continue sending email from campus. They will be advised to change all servers/clients sending email from campus to use “smtp.utah.edu.” On September 5, servers/clients that are not changed will be blocked by campus firewalls. U organizations that have an ISO-approved inbound SMTP server will be asked to work with the UMail team to change their MX records to point to “ipo.cc.utah.edu.” Subsequently, the UMail team will route email to the servers internally.
If you have questions, your local IT support staff may be able to assist. You may also contact the UIT Help Desk at 801-581-4000 option 1 or the ITS Service Desk at 801-587-6000. Organizations that wish to request an exception will be advised to contact either help desk and ask for a ticket to be opened and routed to the Information Security Office (ISO).
- Users/devices can use smtp.utah.edu without authentication if the email message is coming from a U of U IP address.
- This change only affects port 25 for basic SMTP services. Port 587 will still be available across border routers.
- A majority of IT managers/directors already have configured their on-campus MTAs to relay out through smtp.utah.edu, which follows best practices. Anyone already configured to do so should not be affected by this change.
- This change will not affect mail relaying through smtp.utah.edu for devices inside the campus network.
- UIT has a plan to keep temporary exceptions in place for existing services that are already regularly using port 25 based on recent firewall traffic logs until service owners/POCs can be reached to get them on SMTP or set up a permanent exception policy.
- For any questions, and/or to request an exception, please call the UIT Help Desk at 801-581-4000, option 1.
What isn’t changing as of September 5:
- It’s already the case that users who are outside U of U IP space and not connected via VPN are not able to use smtp.utah.edu without authentication. If a user’s computer is pointed to an off-campus SMTP server, it will work as expected while off-campus.