[145834] in North American Network Operators' Group
Re: Outgoing SMTP Servers
daemon@ATHENA.MIT.EDU (Owen DeLong)
Tue Oct 25 00:40:23 2011
From: Owen DeLong <owen@delong.com>
In-Reply-To: <13175F96BDC3B34AB1425BAE905B3CE50BA685A7@ltiserver.lti.local>
Date: Mon, 24 Oct 2011 21:37:11 -0700
To: "Dennis Burgess" <dmburgess@linktechs.net>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Oct 24, 2011, at 9:29 PM, Dennis Burgess wrote:
> I am curious about what network operators are doing with outbound SMTP
> traffic. In the past few weeks we have ran into over 10 providers,
> mostly local providers, which block outbound SMTP and require the =
users
> to go THOUGH their mail servers even though those servers are not
> responsible for the domains in question! I know other mail servers =
are
> blocking non-reversible mail, however, is this common? And more
> importantly, is this an acceptable practice?
>=20
It's both unacceptable in my opinion and common. There are even those
misguided souls that will tell you it is best practice, though general =
agreement,
even among them seems to be that only 25/tcp should be blocked and that
465 and 587 should not be blocked.
>=20
>=20
> Most of our smaller ISPs that we support; we allow any outbound SMTP
> connection, however we do watch residential users for 5+ outbound SMTP
> connections at the same time. But if the ISP has their own mail
> servers, and users wish to relay though them, we basically tell them =
to
> use their mail server that they contract with. What is the best
> practice?=20
>=20
Best practice is to do what works and block as much SPAM as possible =
without
destroying the internet in the process. There are those who argue that =
blocking
25/tcp does not destroy the internet. By and large, they are the same =
ones who
believe NAT was good for us.
Owen
