[102971] in North American Network Operators' Group
Re: Customer-facing ACLs
daemon@ATHENA.MIT.EDU (Andy Dills)
Mon Mar 10 20:22:56 2008
Date: Mon, 10 Mar 2008 20:12:25 -0400 (EDT)
From: Andy Dills <andy@xecu.net>
To: Ang Kah Yik <mailinglist@bangky.net>
cc: Justin Shore <justin@justinshore.com>, nanog@merit.edu
In-Reply-To: <47D5CB09.5030405@bangky.net>
Errors-To: owner-nanog@merit.edu
On Tue, 11 Mar 2008, Ang Kah Yik wrote:
>
> Hi Justin (and all others on-list)
>
> I understand your grounds for blocking outbound SMTP for your customers
> (especially those on dynamic IP connections).
> It probably will do good to block infected customers that are spewing spam all
> over the world.
>
> However, considering the number of mobile workers out there who send email via
> their laptops to corporate SMTP servers, won't blocking outbound SMTP affect
> them?
>
> Since these corporate types (I'm guessing here) are probably unaware of how to
> change their email client's SMTP configurations, chances are that blocking
> outbound SMTP will probably cause quite a lot of pain.
>
> After all, there are also those who frequently move from place to place so
> they're going to have to keep changing SMTP servers every time they go to a
> new place that's on a different ISP.
For what it's worth, that's what port 587 was created for.
And wouldn't those corporate types require VPN to access the network?
On top of that, most who "block" 25 don't block it but direct it to
internal mail servers where it can be subjected to limits and filtering.
Andy
---
Andy Dills
Xecunet, Inc.
www.xecu.net
301-682-9972
---
