Question: Outbound (byod) mail ?

Add your own question »

Still looking for the right answer? Log in or Register to ask a question.
  • Like
  • Unlike

Hoping to bump this question to the top (30-10-18) as we are looking at egress port access from personal devices via Wi-Fi and would really like to know what others are dong ? Anyone like to respond.

Hi everyone.

I would like to hear about other community members policy on permitting outbound mail ( smtp,smtps) for their users personal devices and email accounts.

Historically we have always strictly controlled our SMTP out access at the network level. We permit our own mail servers to do this and deny it for all other devices.
Upstream we pass all of our institutional mail through an external filtering service (Mimecast) to offer spam/malware protection etc.

Is this something you do?

Our users connect their personal devices to our Wi-Fi and often ask the helpdesk why they can receive their personal mail but not send it. We explain that we do not permit it, but do offer an alternative which is that we allow them to use one of our send-mail servers (for SMTP); everything via this server is filtered to mitigate spam-outbreaks.

Given the changed landscape where traditional email providers now permit access to their send-mail servers from the global internet and the popularity of having mail hosted away from the traditional ISP mailboxes, via services like Gmail, YMail, iCloud, would we be thinking along the right track to say that permitting SMTPS outbound would be the way to go for the future?

My rational for this is that I am thinking that where sendmail is available via SMTPS for a mail-provider it is highly likely that authentication is a requirement to use this service; unlike many of the legacy SMTP services which traditionally do not require authentication.

Having a users personal device sending mail which is a) encrypted and b) required to authenticate, for me, seems to mitigate to a degree the threat of runaway spam-bots etc. Not entirely of course since that are still nasty malware/spambot threats which may use the devices own email client (and address-book) to send its mail.

What we don't want is the reputation of our IP address range being marred by uncontrolled spam outbreaks and this is the reason we have always had such restrictions in place.

I would love to hear what the communities opinions are around the sending of personal email.

Many thanks and hope to see some replies.