North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Why do so few mail providers support Port 587?

  • From: Joe Provo
  • Date: Sat Feb 26 07:35:13 2005

[Note reply-to]

On Fri, Feb 25, 2005 at 02:45:40PM -0500, [email protected] wrote:
> [email protected] wrote:
> > On Fri, 25 Feb 2005 12:56:50 EST, [email protected] said:
> > 
> >> Sorry, I misread that.  But I still fail to see how 587 changes that.
> Yes.  Authenticated SMTP makes tracking down which of your users is
> doing the spamming easier.  But you're assuming that SMTP AUTH isn't
> being used on port 25 already.  You can do SMTP AUTH just as easily on

You do not authenticate every transaction on 25, else you wouldn't 
be getting any smtp from the real world.  The point is that you 
can trivially sort "must be authenticated" vs "is unknown" as 
opposed to inspecting messages on "dunno if might be anything" 
port. Reducing the problem space is always a Good Thing.

The real funny thing is that o started to write back to the 
earlier incarnation of this thread. Pasted below because it still 
applies.  I'd rephrase Sean's question as 'why do so few SMALL 
mail providers [...]'.  Bluntly, if AOL/etc can do it with their 
customer base then the 'bad' laziness is the only reason not to
do so, or to rgue against those who wish to do so.

On Tue, Feb 15, 2005 at 09:00:11PM -0500, Sean Donelan wrote:

Seans rhetorical subject line was answered quite adequately 
by the rampant ignorance in the knee-jerk responses of those 
who have obviously not read the RFC in its many years of 
availability, thought about the consequences, nor been down 
the road of implementation.

Rather than armchair nattering, come to the discussion prepared
or sit on the sidelines and observe.  If you haven't done your
homework, you are Not Tall Enough To Ride This Ride and go to
the queue for the spinning teacups.

The beauty of what we've all been building for all these years
is it is all documented; given a brain and desire you can go
from clueless to clueful purely through self-educating. If you
are expecting to be spood-fed then please return to the flow
charts and MOPs of vendor certifications.

Questions regarding the spec, document, implementations thereof
are useful and have popped up, but in general there's a really
sad trend of uninformed chattering.

             RSUC / GweepNet / Spunk / FnB / Usenix / SAGE