> If the provider on which one is guesting has a policy to block > outbound access from their network to all ports used for sending of > mail, so that they can force one through their SMTP server for sake > of control, micromanagement, or whatever, then (assuming they know > about it), would they not then block official port 587 as well as > port 25? That was the position I heard the 'customer service rep' > take the last time I tried to solve such a problem through appeal to > bureaucratic sensibility.
What I'm going to say is not new, but I guess we have a lot of trouble with SMTP because the same port is used as well for the communication between 2 MTAs as for between a MUA and a MTA. I don't know about any provider that doesn't require smtp auth on port 587. ISPs should block outgoing connections to port 25 unless they know the source is a SMTP MTA. I guess this would mitigate a lot of zombies as it would force them to use the provider's smtp server (which does outbound spam/virus filtering and ISPs can easily identify their own customers). Alternatively the zombie would use a remote port 587 but it would require authentication so again the identification of the "owned" machine / user would be possible. Jean-Pierre -- HILOTEC Engineering + Consulting AG - Langnau im Emmental Energietechnik und Datensysteme: Server, PCs, Linux, Telefonanlagen, VOIP, Hosting, Datenbanken, Entwicklung, Komplettlösungen für KMUs Tel: +41 34 402 74 00 - http://www.hilotec.com/ _______________________________________________ swinog mailing list [email protected] http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
