North American Network Operators Group Re: Cloud service [was: RE: EC2 and GAE means end of ip address reputation industry? (Re: Intrustion attempts from Amazon EC2 IPs)]
Frank Bulk - iNAME wrote: Right, port 587 would require SMTP authentication. That sort of depends on how many fib entries you want to burn on not forwarding traffic... the argument in this thread however (which I more or less subscribe to) is that in the future an ip address is insufficient granularity for mail/badness filtering. Frankly it's not just computer clouds but also address pressure, a million hosts behind a /24 are going to be rather hard to pick out one at a time. Ultimately the ability to blackhole based on something as gross as the source ip address is going to be insufficiently fine grained for devices that must accept connections from the internet at large. I don't know if spammers are going to be using TLS in a big way soon, though I'll admit I've not measured. A couple years ago, when my former employer turned on tls support on the outwardly facing mta's about 10% of our incoming smtp connections immediately started using it after ehlo. That's not something I've kept track of but I imagine it's an issue. As long as TLS usage is low, examining TCP port 25 traffic would likely be effective without redirecting SMTP traffic and making it effective for all customers downstream.