What are the security risks of opening port 110 and port 25?

If an external manufacturer wants to remotely access its leased copiers, is it risky to open both port 110 or port 25? Mike Chapple reveals a few security repercussions.

We wish to allow an external manufacturer to remotely access the copiers that it leases to us, so it can obtain monthly meter readings. The company requires either port 110 or port 25. A free tool revealed that both of these ports are closed. We are an office with a small server. How do I open these ports, and will that have any security repercussions?

This is a common scenario: many organizations lease office equipment, and the companies providing that equipment often need access to the electronic meters for billing purposes. I'm not concerned about the type of information they're requesting.

On the other hand, this request sounds a little fishy from a technical perspective. Port 110 is used by the POP3 protocol for unencrypted access to electronic mail. The port is intended for end-users to connect to a mail server to retrieve messages. I can't imagine any reason that this port would be used in this case.

Port 25 is used by the SMTP protocol to send mail. The use of this port sounds a little more reasonable, but only if the request is that the copier be allowed to connect to your mail server on port 25. Port 25 would be used to send mail from the copier to the company, and there should be no reason you would have to allow inbound access to the copier on it.

The "how" part of your question depends upon your network topology. If the copier and your mail server are on the same network segment, you shouldn't need to change anything. If they're on different network segments, and those segments are separated by a firewall, you'll need to create a firewall rule that allows port 25 connections from the copiers to the mail server. See your firewall documentation for more on exactly how to do this.

More information:

  • Learn how open ports can increase LAN exposure.
  • Another reader asks Mike Chapple, "What is the relationship between open port range and overall security risk?"

Dig Deeper on Threats and vulnerabilities