Ask the Expert

What are the security risks of opening port 110 and port 25?

We wish to allow an external manufacturer to remotely access the copiers that it leases to us, so it can obtain monthly meter readings. The company requires either port 110 or port 25. A free tool revealed that both of these ports are closed. We are an office with a small server. How do I open these ports, and will that have any security repercussions?

    Requires Free Membership to View

This is a common scenario: many organizations lease office equipment, and the companies providing that equipment often need access to the electronic meters for billing purposes. I'm not concerned about the type of information they're requesting.

On the other hand, this request sounds a little fishy from a technical perspective. Port 110 is used by the POP3 protocol for unencrypted access to electronic mail. The port is intended for end-users to connect to a mail server to retrieve messages. I can't imagine any reason that this port would be used in this case.

Port 25 is used by the SMTP protocol to send mail. The use of this port sounds a little more reasonable, but only if the request is that the copier be allowed to connect to your mail server on port 25. Port 25 would be used to send mail from the copier to the company, and there should be no reason you would have to allow inbound access to the copier on it.

The "how" part of your question depends upon your network topology. If the copier and your mail server are on the same network segment, you shouldn't need to change anything. If they're on different network segments, and those segments are separated by a firewall, you'll need to create a firewall rule that allows port 25 connections from the copiers to the mail server. See your firewall documentation for more on exactly how to do this.

More information:

  • Learn how open ports can increase LAN exposure.
  • Another reader asks Mike Chapple, "What is the relationship between open port range and overall security risk?"
  • This was first published in January 2009

    There are Comments. Add yours.

     
    TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

    REGISTER or login:

    Forgot Password?
    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
    Sort by: OldestNewest

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to: