North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Why do so few mail providers support Port 587?

  • From: Sean Donelan
  • Date: Sat Feb 26 02:35:13 2005

On Fri, 25 Feb 2005, just me wrote:
> What I disagree with is the constant disingenuous suggestion made
> here that AUTH by itself has any impact on unwanted email. When the
> lights are on, but nobody is home, it doesnt matter how detailed the
> accounting is. And it seems that theres plenty of large providers
> around the world where this is the case.

While you may be correct in theory, in the real world you don't have
to outrun the bear, just the other guy.  Although I still believe in
an end-to-end Internet, it is hard to argue with real-life experience.

Essentially every provider that has implemented port 25 blocks has seen
a substantial drop in problems.  The numbers are even better when they
added the requirement for authenticated mail submission even for local
users.  These are the same providers, as you say have nobody home, so
that variable didn't change.

>Since the implementation of the port 25 blocking procedure, Cox has seen
>significant decreases in the residential Cox High Speed Internet
>complaint counts for different abuse types impacted by the port 25
>blocking.  Port scanning complaints decreased by 36%, virus complaints
>by 41%, spam complaints by 52%, and open proxy by more than 78%.

I'm not a complete idiot. Everyone expects the malware authors
to adapt.  Some already have. But when they do, you have made some
progress in reducing the footprint back to just the mail servers
accepting authenticated submissions instead of every end-user
system on the Internet.  Even at providers with nobody home,
dealing with the problem at a few mail servers handling authenticated
mail submission is significantly different than fixing millions of
end-user PC's sending mail to any other system on the Internet.