[145843] in North American Network Operators' Group
Re: Outgoing SMTP Servers
daemon@ATHENA.MIT.EDU (Aftab Siddiqui)
Tue Oct 25 05:52:02 2011
In-Reply-To: <6F877A0C-5CAB-4856-86C6-3408518BFD71@delong.com>
Date: Tue, 25 Oct 2011 14:51:05 +0500
From: Aftab Siddiqui <aftab.siddiqui@gmail.com>
To: Owen DeLong <owen@delong.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Blocking port/25 is a common practice (!= best practice) for home
users/consumers because it makes life a bit simpler in educating the end
user.
ripe-409 gives some what glimpse of best-practice, not sure how many
implements it that way.
Regards,
Aftab A. Siddiqui
On Tue, Oct 25, 2011 at 2:35 PM, Owen DeLong <owen@delong.com> wrote:
>
> On Oct 24, 2011, at 10:27 PM, Mikael Abrahamsson wrote:
>
> > On Mon, 24 Oct 2011, Dennis Burgess wrote:
> >
> >> I am curious about what network operators are doing with outbound SMTP
> >> traffic.
> >
> > Block all TCP/25 and require users to use submit with authentication on
> TCP/587.
> >
>
> If they are using someone else's mail server for outbound, how, exactly do
> you control
> whether or not they use AUTH in the process?
>
> Further, if you make them use AUTH somehow, but, you don't force TLS, then,
> you are
> doing more harm than good IMHO.
>
> Owen
>
>
>
