[100457] in North American Network Operators' Group
Re: Misguided SPAM Filtering techniques
daemon@ATHENA.MIT.EDU (Owen DeLong)
Tue Oct 23 20:28:24 2007
In-Reply-To: <75cb24520710231348r78011f0fp9d816637ba9f26d9@mail.gmail.com>
Cc: "Jack Bates" <jbates@brightok.net>,
"Adrian Chadd" <adrian@creative.net.au>,
"Dave Pooser" <dave.nanog@alfordmedia.com>,
"nanog list" <nanog@nanog.org>
From: Owen DeLong <owen@delong.com>
Date: Tue, 23 Oct 2007 17:14:06 -0700
To: "Christopher Morrow" <christopher.morrow@gmail.com>
Errors-To: owner-nanog@merit.edu
--Apple-Mail-3-129281816
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
charset=US-ASCII;
delsp=yes;
format=flowed
On Oct 23, 2007, at 1:48 PM, Christopher Morrow wrote:
> On 10/23/07, Jack Bates <jbates@brightok.net> wrote:
>> I really don't get it. While I understand with tcp/25 blocking,
>> there is
>> absolutely no reason to block tcp/587. If credential's are being
>> hijacked, it is
>
> morrowc$ telnet mail.ops-netman.net 26
> Trying 71.246.230.124...
> Connected to mail.ops-netman.net.
> Escape character is '^]'.
> 220 A host is a host from coast to coast... Hosty-host ESMTP...
>
> why don't people just run a new version of their MTA on a port
> not-filtered?? The simple fact is that port-25 filtering does help, it
> does also seem to piss off some portion of 'smart folks' (power users,
> whatever you choose to call them). So, being smart, just work your
> box(es) such that this isn't a problem for you?
>
I want to make it clear... I don't mind people filtering either 25 or
587,
but, blocking both is highly unacceptable. Even more unacceptable
in my opinion is hijacking connections to either off to your own
man-in-the-middle attack server.
Owen
--Apple-Mail-3-129281816
Content-Transfer-Encoding: base64
Content-Type: application/pkcs7-signature;
name=smime.p7s
Content-Disposition: attachment;
filename=smime.p7s
MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIGYzCCAxww
ggKFoAMCAQICEAEbWCDIgMNLAyc9zkogM9kwDQYJKoZIhvcNAQEFBQAwYjELMAkGA1UEBhMCWkEx
JTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMTI1RoYXd0ZSBQ
ZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5nIENBMB4XDTA2MTIxODA0NTM1NloXDTA3MTIxODA0NTM1
NlowYjEPMA0GA1UEBBMGRGVMb25nMRMwEQYDVQQqEwpKYW1lcyBPd2VuMRowGAYDVQQDExFKYW1l
cyBPd2VuIERlTG9uZzEeMBwGCSqGSIb3DQEJARYPb3dlbkBkZWxvbmcuY29tMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvAfdDkoZPESgJS02Tr7Z/FoDJ3Yz2sGXnwYm3olMfMj73jr
awKh0X0PGZ57hFEaHMFKNw/JzSnsi3N+T9JDmadOEAw1VoUwDsIQnffqrHw+1OJzqXztVE7yYNtC
JyV4qcCUjVRITw4AVGO5eSB41YOz5XiHloT48S+A8ifkQQvnVvUlgTCXFdu1qGTSoGhOjLADXrmz
f4++jMMB+2KzjLL0JRwOlkV2Ja1+g3pOAP3/DrpFNJN+TD5/nZnp35wxBU+b86mHYFKF10yURBPa
MR4gHL7bEiPxSRX2tHgY9zdqQbnimskuVm+ISP9Gm0er57zaBs655D8b6rp2bhK/2QIDAQABo08w
TTAOBgNVHQ8BAf8EBAMCA/gwEQYJYIZIAYb4QgEBBAQDAgWgMBoGA1UdEQQTMBGBD293ZW5AZGVs
b25nLmNvbTAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBBQUAA4GBAF2P0eXOwcOA2Rs2G780lTE/
AH/mZPUArN2isuNkcf621b19M4JxJRVqnzCpcA2InlZtFp0jk6HD4JMMt4yvoVwH3M4hhaP/OkxL
aFrA9oGilFnuvuUl3EQKs+L9wNMt/ZXj7xu6C25B3p6e1a0d94JjMkFIwu133xIDRCiRPv3cMIID
PzCCAqigAwIBAgIBDTANBgkqhkiG9w0BAQUFADCB0TELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdl
c3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYDVQQKExFUaGF3dGUgQ29uc3VsdGlu
ZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEkMCIGA1UEAxMbVGhh
d3RlIFBlcnNvbmFsIEZyZWVtYWlsIENBMSswKQYJKoZIhvcNAQkBFhxwZXJzb25hbC1mcmVlbWFp
bEB0aGF3dGUuY29tMB4XDTAzMDcxNzAwMDAwMFoXDTEzMDcxNjIzNTk1OVowYjELMAkGA1UEBhMC
WkExJTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMTI1RoYXd0
ZSBQZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5nIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
gQDEpjxVc1X7TrnKmVoeaMB1BHCd3+n/ox7svc31W/Iadr1/DDph8r9RzgHU5VAKMNcCY1osiRVw
jt3J8CuFWqo/cVbLrzwLB+fxH5E2JCoTzyvV84J3PQO+K/67GD4Hv0CAAmTXp6a7n2XRxSpUhQ9I
BH+nttE8YQRAHmQZcmC3+wIDAQABo4GUMIGRMBIGA1UdEwEB/wQIMAYBAf8CAQAwQwYDVR0fBDww
OjA4oDagNIYyaHR0cDovL2NybC50aGF3dGUuY29tL1RoYXd0ZVBlcnNvbmFsRnJlZW1haWxDQS5j
cmwwCwYDVR0PBAQDAgEGMCkGA1UdEQQiMCCkHjAcMRowGAYDVQQDExFQcml2YXRlTGFiZWwyLTEz
ODANBgkqhkiG9w0BAQUFAAOBgQBIjNFQg+oLLswNo2asZw9/r6y+whehQ5aUnX9MIbj4Nh+qLZ82
L8D0HFAgk3A8/a3hYWLD2ToZfoSxmRsAxRoLgnSeJVCUYsfbJ3FXJY3dqZw5jowgT2Vfldr394fW
xghOrvbqNOUQGls1TXfjViF4gtwhGTXeJLHTHUb/XV9lTzGCAxAwggMMAgEBMHYwYjELMAkGA1UE
BhMCWkExJTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMTI1Ro
YXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5nIENBAhABG1ggyIDDSwMnPc5KIDPZMAkGBSsO
AwIaBQCgggFvMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTA3MTAy
NDAwMTQwNlowIwYJKoZIhvcNAQkEMRYEFH7OnTEGcNyyiQ0lc1+aIvsLAIM2MIGFBgkrBgEEAYI3
EAQxeDB2MGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29uc3VsdGluZyAoUHR5KSBM
dGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgSXNzdWluZyBDQQIQARtYIMiA
w0sDJz3OSiAz2TCBhwYLKoZIhvcNAQkQAgsxeKB2MGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxU
aGF3dGUgQ29uc3VsdGluZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJl
ZW1haWwgSXNzdWluZyBDQQIQARtYIMiAw0sDJz3OSiAz2TANBgkqhkiG9w0BAQEFAASCAQC1UzVf
CejFjGdrleu83vfceoOITBdJtEF4bYNpeGnfvZla70FxdngtEV7sqam+zlHvI+Ej7wgm0u4Z6VHC
f2aqEJa793H0LHkzO+RTkRHUEVSpnCghZEAHGu41G3x4NjpQFl62gWGd5at7HZX8IrFkdDjGsGyi
3q4ADN7K1F8UeHERrIf+LoHW0ExCuwRvJPA4eMHgmo9tzUVTBUHQ+f1lYzuxtZRUTeFgJU+SEeYF
oNXKRYUKb5BSpRRVsDW0sx4AM1KetNgXv3vES2xFZLfrjVWoRJZk6d0YOarEKDEq1Ivis5OhETAb
POudvyR4tGkEd6yxBuh0GXv6fLng08P/AAAAAAAA
--Apple-Mail-3-129281816--
