[100449] in North American Network Operators' Group
Re: Misguided SPAM Filtering techniques
daemon@ATHENA.MIT.EDU (Jack Bates)
Tue Oct 23 16:03:16 2007
Date: Tue, 23 Oct 2007 14:32:16 -0500
From: Jack Bates <jbates@brightok.net>
To: Owen DeLong <owen@delong.com>
CC: Adrian Chadd <adrian@creative.net.au>,
Dave Pooser <dave.nanog@alfordmedia.com>, nanog list <nanog@nanog.org>
In-Reply-To: <06F2B7A5-5FAC-4B1C-9C03-D66F07B2EA6B@delong.com>
Errors-To: owner-nanog@merit.edu
Owen DeLong wrote:
>
> The issue is the increasingly high percentage of internet connections
> which are
> becoming broken. So far, the only "justification" for this behavior
> posted is the
> inability of the folks in Redmond to deliver non-broken software such
> that a large
> enough fraction of portable machines are able to "credential hijack"
> from stored
> credentials on the machine and impersonate the operator while botted.
I really don't get it. While I understand with tcp/25 blocking, there is
absolutely no reason to block tcp/587. If credential's are being hijacked, it is
the responsiblity of the MSA server to close the door. There's nothing to say
those credentials weren't blasted to an irc server or a web script somewhere and
the actual usage of them will be from some other random location on the net.
Jack Bates
