North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Time to check the rate limits on your mail servers

  • From: Nils Ketelsen
  • Date: Thu Feb 03 14:08:29 2005

On Thu, Feb 03, 2005 at 12:26:55PM -0500, [email protected] wrote:

> On Thu, 03 Feb 2005 12:16:41 EST, Jason Frisvold said:
> > Agreed.  And depending on your service, there are different ports
> > worth blocking.  For residential users, I can't see a reason to not
> > block something like Netbios.  And blocking port 25 effectively
> > prevents zombies from spamming.  Unfortunately, it also blocks
> > legitimate users from being able to use SMTP AUTH on a remote server..
> There's a *reason* why RFC2476 specifies port 587....

IIRC the starting point of this thread was, that Spammers now learned
to use the smarthost of the clients. When they are using that, why is it
more difficult for them to send their junk on port 587 instead of port 25?

As soon as the spammers on a big scale learn to use the same traffic
path the mailclients do, instead looking up MXes themselves,
this switching ports and blocking 25 that is proposed, will cause a lot of
work without any benefit. Same goes for SPF, BTW.

Only thing that puzzles me is, why it took spammers so long to go in
this direction.