[67535] in North American Network Operators' Group
Re: SMTP authentication for broadband providers
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Wed Feb 11 15:25:27 2004
To: Sean Donelan <sean@donelan.com>
Cc: nanog@merit.edu
In-Reply-To: Your message of "Wed, 11 Feb 2004 15:13:30 EST."
<Pine.GSO.4.58.0402111509570.10498@clifden.donelan.com>
From: Valdis.Kletnieks@vt.edu
Date: Wed, 11 Feb 2004 15:23:18 -0500
Errors-To: owner-nanog-outgoing@merit.edu
--==_Exmh_-1603502146P
Content-Type: text/plain; charset=us-ascii
On Wed, 11 Feb 2004 15:13:30 EST, Sean Donelan said:
> So is it time for ISPs to start blocking port 587 too?
RFC2476 says:
3.2. Message Rejection and Bouncing
MTAs and MSAs MAY implement message rejection rules that rely in part
on whether the message is a submission or a relay.
For example, some sites might configure their MTA to reject all RCPT
TOs for messages that do not reference local users, and configure
their MSA to reject all message submissions that do not come from
authorized users, based on IP address, or authenticated identity.
Is there any indication that there are enough sites *NOT* doing some
sort of authentication check on accepting messages on port 587 that
it's worth the effort of blocking?
Or should we just say "Submit mail via webmail, let's see the ISP block *THAT*"?
--==_Exmh_-1603502146P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQFAKo82cC3lWbTT17ARAt0eAKCeNheAlekr2pg/a5Cv+fLu+eyNdwCg34LE
J7Q4m+h4zlpeAS2TaDVuylY=
=DGOj
-----END PGP SIGNATURE-----
--==_Exmh_-1603502146P--
