Re: ingress SMTP

• From: Nicholas Suan
• Date: Wed Sep 03 13:26:51 2008

• List-archive: <http://mailman.nanog.org/pipermail/nanog>
• List-help: <mailto:[email protected]?subject=help>
• List-id: North American Network Operators Group <nanog.nanog.org>
• List-post: <mailto:[email protected]>
• List-subscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>, <mailto:[email protected]?subject=subscribe>
• List-unsubscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>, <mailto:[email protected]?subject=unsubscribe>

On Wed, Sep 03, 2008 at 09:40:20AM -0700, Michael Thomas wrote:

"Allowing unfiltered public access to port 25 is one of the things that
increases everyone's spam load, and your ISP is trying to be a Good
Neighbor in blocking access to anyone's servers but their own; many ISPs
are moving towards this safer configuration. We're a good neighbor, as
well, and support Mail Submission Protocol on port 587, and here's how
you set it up -- and it will work from pretty much anywhere forever."

I think this all vastly underrates the agility of the bad guys. So lots of
ISP's have blocked port 25. Has it made any appreciable difference?
Not that I can tell. If you block port 25, they'll just use another port and
a relay if necessary.

You're forgetting that 587 *is authenticated, always*.

• Follow-Ups:
  • Re: ingress SMTP Jay R. Ashworth

• References:
  • ingress SMTP *Hobbit*
  • Re: ingress SMTP Justin Scott
  • Re: ingress SMTP Jay R. Ashworth
  • Re: ingress SMTP Michael Thomas
  • Re: ingress SMTP Jay R. Ashworth

• Prev by Date: Re: ingress SMTP
• Next by Date: Re: Is the export policy selective under valley-free?
• Date Index
• Thread Index
• Author Index
• Historical