Am/On Mon, 16 Jul 2007 09:02:58 -0500 schrieb/wrote Richard Frovarp: >Matthias Schmidt [c] wrote: >> Am/On Mon, 16 Jul 2007 06:11:32 -0700 schrieb/wrote Marc Perkel: >> >> >>> One of the problems with SMTP in my opinion is that it allows end users >>> to talk on port 25 to servers and therefore can't be distinguished from >>> server to server traffic. >>> >>> Imagine a policy where ISPs blocked port 25 for consumers by default and >>> forced them to talk to mail servers on port 587 to send SMTP. Suppose >>> that all SMTP servers who took email from consumers had port 587 open as >>> well as port 25. >>> >>> If port 25 were blocked from consumers and they were forced to talk to >>> servers on port 587, even without authentication, then a server could >>> distinguish consumers from other servers. I think this kind of >>> configuration could be used to help isolate virus infected computers >>> >> >from spamming and spreading. >> >>> So if I have an SMTP server that is set up to receive email for a bunch >>> of domains and had port 587 closed then I could block out all spam from >>> consumer computers. The idea being that a lot of virus infected spam >>> bots would be isolated. It would force consumer traffic to talk only to >>> smtp servers set up to relay consumer email. >>> >>> Thoughts? >>> >> >> imho this won't work ... >> how you want to keep infected computers off from 25? >> >> >Many ISPs firewall 25 at the edge of their network. If you try to send >to port 25 on their network or to their SMTP they allow that traffic. >One of the reasons for running the submission port is so that your users >can get out of those ISPs to your outgoing server.
I know that ..... I just meant it's not possible in the real world to prevent "clients" from talking to port 25 (of course as long as it is not closed by some isp) or to distinguish a mail-bot from a real server just through the port they talk to. the suggestion from Forrest has indeed some charme. But how to "teach" a whole bunch of DAUs to set their mail client to use port 587 instead of the default set port 25? > >For another way of doing this, see the PBL: >http://www.spamhaus.org/pbl/index.lasso > Thanks and all the best Matthias -- --------------------- [ SECURITY NOTICE ] --------------------- To: [EMAIL PROTECTED] For your security, [EMAIL PROTECTED] digitally signed this message on 16 July 2007 at 14:15:19 UTC. Verify this digital signature at http://www.ciphire.com/verify. ---------------- [ CIPHIRE DIGITAL SIGNATURE ] ---------------- Q2lwaGlyZSBTaWcuAjh1c2Vyc0BzcGFtYXNzYXNzaW4uYXBhY2hlLm9yZwBiZXRh QGFkbWlsb24ubmV0AGVtYWlsIGJvZHkABgcAAHwAfAAAAAEAAAB3fZtGBgcAAF8C AAIAAgACACD9Ai21V8oDfBQZmyrLTAeiXFHYXrdeSBX/+DEIczVg3QEADr+4K2c1 G+FkDKuvQ5xCTjUVBh0UyHH72UGj6mtz5nYjlUEJoNgP9ebYb5GrX+H0xYfag1EA QNL7PaGtiHvp04nmU2lnRW5k ------------------ [ END DIGITAL SIGNATURE ] ------------------
