North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Misguided SPAM Filtering techniques

  • From: Adrian Chadd
  • Date: Sun Oct 21 02:42:21 2007

On Sun, Oct 21, 2007, Nathan Ward wrote:

> Blocking 25/TCP is acceptable, blocking 587/TCP is not - it is  
> designed for mail submission to an MSA, so serves little use for  
> spam, save when a spammer has detected an open mail relay listening  
> on 587/TCP, or someone has (mis)configured port 587 to allow  
> submission to locally hosted domains from remote hosts without  
> authentication. I'd be /very/ surprised if the networks in question  
> received sufficient complaints from (clueless) mail admins, who were  
> being spammed via one of these techniques.

Or peoples' machines are now being infected by malware which
checks for login credentials or uses the existing mail client
via various inter-process communication techniques; re-using said
login credentials to talk to authenticated SMTP servers.

Gotta get a clue; its not enough to just authenticate who sent
the email anymore..