|Description||Encourage Use of Authenticated SMTP/Restrict Outbound Connections to Port 25:
ISPs should encourage users to submit email via authenticated SMTP on port 587, requiring Transport Layer Security (TLS) or other appropriate methods to protect the username and password. In addition, ISPs should restrict or otherwise control inbound and outbound connections from the network to port 25 (SMTP) of any other network, either uniformly or on a case by case basis, e.g., to authorized email servers.
|Industry Role(s)||Service Provider|
|Keyword(s)||Cyber Security;Information Protection;Intrusion Detection;|
|Reference/Comments||See the following document for more information:
Note that the Best Practices in this grouping are primarily aimed at ISPs that provide service to consumer end-users on residential broadband networks, but may be applicable to other users and networks as well.