North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Lazy network operators
At 10:47 AM 4/14/2004, Iljitsch van Beijnum wrote: That's a bad analogy, therefore your comparison is worthless. Closing port 25 is *very* similar to closing your server to relaying. It is a way to ensure that only authorized users send email from your network.On 14-apr-04, at 17:45, JC Dill wrote:I understand your frustration, but the approach of blocking port 25 isn't the right one. It may be convenient for you, but ... However, filtering TCP port 25 is bad not just because it is massively inconvenient for many people (ever work in support?)Simply put, I do not agree with your assertion here. Most people are not inconvenienced by this change. In reality, very *few* people are inconvenienced. And those people have alternate solutions. I have helped many people configure one of these solutions when they have encountered port 25 blocking. Recently, I helped a friend who was suddenly "no longer able to send work email from her laptop at home" because their home DSL connection thru her husband's employer had implemented port 25 filtering. The solution was to create a profile on her laptop that used the DSL provider's server, and for her to select that profile when sending email from home. An even simpler solution would have been to use port 587, if her own work server had offered this option (unfortunately, it doesn't). Many ISPs have successfully implemented port 25 filtering. The support costs associated with implementing this change are small in the long run, especially when compared to the reduced abuse support costs you will realize when you are no longer empowering your users to abuse port 25 on other servers. This is the same story as when you closed your open relays, and briefly had increased support costs, which were offset by the reduced abuse support costs since you no longer were subject to being used as a relay or getting complaints about the spam your servers were spewing. It's been ten years now: <http://slashdot.org/articles/04/03/05/160229.shtml> We need to stop whining that it's "hard" or "expensive" do to the right thing and close loopholes that are abused by spammers. It's much harder and more expensive long term to NOT do the right thing. jc -- p.s. Please do not cc me on replies to the list. Please reply to the list only, or to me only (as you prefer) but not to both.
|