[52120] in North American Network Operators' Group
Re: How do you stop outgoing spam?
daemon@ATHENA.MIT.EDU (Dave Crocker)
Mon Sep 16 12:34:11 2002
Date: Mon, 16 Sep 2002 09:32:04 -0700
To: Brad Knowles <brad.knowles@skynet.be>
From: Dave Crocker <dhc2@dcrocker.net>
Cc: nanog@merit.edu
Errors-To: owner-nanog-outgoing@merit.edu
At 02:07 PM 9/11/2002 +0200, Brad Knowles wrote:
>At 10:16 AM -0700 2002/09/10, Dave Crocker wrote:
>> Laptop mobile users cannot use their home SMTP server.
> Depends on the configuration of the SMTP server and the mail
> server & client running on the laptop. With SMTPAUTH and/or TLSSMTP, and
> using a different (unfiltered) port, this shouldn't be a problem.
1. The basic issue is with control over outbound ports. Whatever hacks
might deal with the particular details of problems in blocking outbound
port 25, the problem resurfaces for other ports. For example, I have been
in a number of installations that block all but a few outbound ports, so
that even non-25 email is not accessible. It is the philosophy of blocking
outbound ports that is the real mistake.
2. The issue with email is authentication, not privacy. Authentication can
be achieved can be achieved easily over port 25, without
encryption. Hence, blocking port 25 blocks legitimately validated email,
as well as possible spam.
>> In other words, by blocking output SMTP, mobile users are hurt
>> badly.
> Can be. Yup. Think of all the iPass and GRiC customers who
> don't even know who the local provider is that they're dialing up, so
> that they can get a network connection?
Exactly correct. And all the people who visit an organization and use
their LAN access. And all the people who visit 802.11 hotspots.
>> I know that *I* certainly am. Constantly and serously.
> I'm very sorry to hear this. Maybe we can help you get SMTPAUTH
> and/or TLSSMTP set up on your server and/or client?
SMTPAUTH works over port 25.
d/
----------
Dave Crocker <mailto:dave@tribalwise.com>
TribalWise, Inc. <http://www.tribalwise.com>
tel +1.408.246.8253; fax +1.408.850.1850
