We wish to allow an external manufacturer to remotely access the copiers that it leases to us, so it can obtain
monthly meter readings. The company requires either port 110 or port 25. A free tool revealed that both of these ports are closed. We are an office with a small server. How do I open these ports, and will that have any security repercussions?
This is a common scenario: many organizations lease office equipment, and the companies providing that equipment often need access to the electronic meters for billing purposes. I'm not concerned about the type of information they're requesting.
On the other hand, this request sounds a little fishy from a technical perspective. Port 110 is used by the POP3 protocol for unencrypted access to electronic mail. The port is intended for end-users to connect to a mail server to retrieve messages. I can't imagine any reason that this port would be used in this case.
Port 25 is used by the SMTP protocol to send mail. The use of this port sounds a little more reasonable, but only if the request is that the copier be allowed to connect to your mail server on port 25. Port 25 would be used to send mail from the copier to the company, and there should be no reason you would have to allow inbound access to the copier on it.
The "how" part of your question depends upon your network topology. If the copier and your mail server are on the same network segment, you shouldn't need to change anything. If they're on different network segments, and those segments are separated by a firewall, you'll need to create a firewall rule that allows port 25 connections from the copiers to the mail server. See your firewall documentation for more on exactly how to do this.
- Learn how open ports can increase LAN exposure.
- Another reader asks Mike Chapple, "What is the relationship between open port range and overall security risk?"
Dig deeper on Email Security Guidelines, Encryption and Appliances
Related Q&A from Mike Chapple, Enterprise Compliance
Should companies obtain U.S. security clearance to join the Enhanced Cybersecurity Services program? Mike Chapple offers his perspective.continue reading
Does a Web application security assessment termed 'compliance ready' seem too good to be true? Learn its role in an enterprise compliance program.continue reading
Learn how hiring the right PCI DSS-compliant service providers, especially payment services providers, can reduce your compliance burden.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.