[145904] in North American Network Operators' Group
Re: Outgoing SMTP Servers
daemon@ATHENA.MIT.EDU (Owen DeLong)
Wed Oct 26 00:45:53 2011
From: Owen DeLong <owen@delong.com>
In-Reply-To: <CAP-guGUMH+NF6WE9fdZhMK8DYwCb56FQr2-BJZ-QjB86wt-XCQ@mail.gmail.com>
Date: Tue, 25 Oct 2011 21:44:11 -0700
To: William Herrin <bill@herrin.us>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Oct 25, 2011, at 9:33 PM, William Herrin wrote:
> On Tue, Oct 25, 2011 at 8:15 PM, Owen DeLong <owen@delong.com> wrote:
>> On Oct 25, 2011, at 3:16 PM, William Herrin wrote:
>>> If you're doing the "right" thing, sending email via encrypted,
>>> authenticated mechanisms, then you're doing it TCP ports 587 or 443.
>>> Where Mike's mechanism obstructs you not at all.
>>>=20
>> Depends. Some hotel admins aren't so bright. That's the problem. Not
>> everyone hears block outbound SMTP on port 25, they hear block =
outbound
>> SMTP and stop listening. Boom, 25, 465, 587 all get turned off.
>=20
> Sure. But that's not Mike's mechanism. It's ignorant hotel guy's
> mechanism. Don't penalize Mike because some other fool does something
> similar but wrong.
>=20
Mike recommends a tactic that leads to idiot hotel admins doing bad =
things.
You bet I'll criticize it for that.
His mechanism breaks things anyway. I'll criticize it for that too.
>=20
>>> If you're still doing the wrong thing, trying to talk to remote SMTP
>>> servers on TCP port 25, why should his mechanisms not punish you?
>>=20
>> It's not wrong to talk to them on port 25. It's wrong to allow =
unauthenticated
>> remote users to send on your own port 25 for relay purposes.
>=20
> Sure it is. Same way it's wrong to have an open relay or an unsecured
> proxy. It isn't 1995 any more.
>=20
As I said, we can agree to disagree about what is wrong. I know your =
position.
I still don't agree with it.
Owen
