[97973] in North American Network Operators' Group
Port 587 vs. 25 [was: DNS Hijacking by Cox]
daemon@ATHENA.MIT.EDU (Patrick W. Gilmore)
Mon Jul 23 04:05:17 2007
In-Reply-To: <873azfd4ml.fsf@mid.deneb.enyo.de>
Cc: "Patrick W. Gilmore" <patrick@ianai.net>
From: "Patrick W. Gilmore" <patrick@ianai.net>
Date: Mon, 23 Jul 2007 04:03:48 -0400
To: nanog@merit.edu
Errors-To: owner-nanog@merit.edu
On Jul 23, 2007, at 2:18 AM, Florian Weimer wrote:
> * Sean Donelan:
>> On Sun, 22 Jul 2007, William Allen Simpson wrote:
>>> Comcast still blocks port 25. And last week, a locally well-
>>> known person
>>> was blocked from sending outgoing port 25 email to their servers
>>> from her
>>> home Comcast service.
>>
>> MSA port 587 is only 9 years old. I guess it takes some people
>> longer
>> than others to update their practices.
>
> You missed the "to their servers" part (I don't think it's singular
> "they" 8-). At the intra-ISP level, submission vs. SMTP does not
> really matter because it's all local policy. If they block her on
> 25/TCP on their own servers, they can easily block her on 587/TCP,
> too.
They can, but they do not. AFAIK, not a single ISP redirects port
587 to their own servers.
Which is a good thing, since port 587 is usually backed by
authentication. Which means you know who sent the mail (or at least
which password was stolen to do so). And that is all people are
looking for at this level - some way to tell who sent the mail so it
can be stopped.
IOW: ISPs have no real reason to stop port 587, they do have a reason
(whether you agree it is sufficient or not) to filter port 25.
--
TTFN,
patrick
