[107418] in North American Network Operators' Group
Re: ingress SMTP
daemon@ATHENA.MIT.EDU (Nicholas Suan)
Wed Sep 3 13:26:49 2008
From: Nicholas Suan <nsuan@nonexiste.net>
To: nanog@nanog.org
In-Reply-To: <20080903164941.GL8979@cgi.jachomes.com>
Date: Wed, 3 Sep 2008 12:58:53 -0400
X-SA-Exim-Mail-From: nsuan@nonexiste.net
Errors-To: nanog-bounces@nanog.org
On Sep 3, 2008, at 12:49 PM, Jay R. Ashworth wrote:
> On Wed, Sep 03, 2008 at 09:40:20AM -0700, Michael Thomas wrote:
>>> "Allowing unfiltered public access to port 25 is one of the things
>>> that
>>> increases everyone's spam load, and your ISP is trying to be a Good
>>> Neighbor in blocking access to anyone's servers but their own;
>>> many ISPs
>>> are moving towards this safer configuration. We're a good
>>> neighbor, as
>>> well, and support Mail Submission Protocol on port 587, and here's
>>> how
>>> you set it up -- and it will work from pretty much anywhere
>>> forever."
>>
>> I think this all vastly underrates the agility of the bad guys. So
>> lots of
>> ISP's have blocked port 25. Has it made any appreciable difference?
>> Not that I can tell. If you block port 25, they'll just use another
>> port and
>> a relay if necessary.
>
> You're forgetting that 587 *is authenticated, always*.
>
I'm not sure how that makes much of a difference since the usual spam
vector is malware that has (almost) complete control of the machine
in the first place.
