On Thu 31 Jul 2014 at 10:52:39 -0400, Jerry Stuckle wrote: > On 7/31/2014 10:37 AM, Brian wrote: > > > > The reason for doing it given is generally along the lines of: > > > > Much of the current use of port 25 is by computers that have been > > infected by malware and are sending spam without the knowledge of > > the users of those computers. Port 587 improves security through > > the use of required authentication and recommended TLS/SSL > > encryption. > > > > What I do not understand is what prevents the malware (assuming it can > > signicantly control the machine) from using the same authentication to > > send spam as before. Isn't this back to square 1? > > Nothing, if the malware can get the userid and password. However, to do > so you have to store the information on your machine. Additionally, the > malware has to know which MUA you're using (to figure out where the > userid and password are stored), and if your MUA has encrypted the > information, how to decrypt it.
One would expect the ISP's strategy to factor in the sophistication of malware. which is presumably sophisticated enough to be able to use port 25. > Not impossible, by any means. But much harder than just sending over > port 25, which requires none of the above. The ISP's concern is (or should be) the customers who allow sending of spam "without the knowledge of the users of those computers". These same incompetent customers are now all going to start encrypting the usernames and passwords used for sending email? -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/31072014173505.d888f60ee...@desktop.copernicus.demon.co.uk
