North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: SMTP authentication for broadband providers

  • From: Mark Segal
  • Date: Wed Feb 11 10:49:20 2004

> I'm looking for comments on whether this is generally seen as a
positive change or a waste
> of time (ie - will the next virus or worm gleam your SMTP username and
password from
> Outlook Express and use it to replicate/SPAM)?  

We are planning on moving the same way.  Without a doubt, a new virus or
worm will emerge that will steal the SMTP-AUTH from the config file (or
more likely, ALL the new variants will steal the SMTP-AUTH info).  But,
with SMTP-AUTH you can limit the number of connections and outbound
emails, which is the real reason we are doing it.

Also since some of the new variants are smart enough to bundle in a SMTP
server, or use the local service in XP, we have taken to blocking emails
from clearly marked residential high speed subnets (reverse DNS) in
other providers space.   Maybe its time there is some proposed rfc like
device for this?


Mark Segal
Director, Network Planning
FCI Broadband
Tel: 905-284-4070
Fax: 416-987-4701 <>  

Futureway Communications Inc. is now FCI Broadband