Noel Jones wrote:
On Tue, Jul 22, 2008 at 12:00 PM, Bob McClure Jr <[EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>> wrote:
If I may extend this OT thread, I'd like to know how draconian admins
get with their mail servers. Without considering RBLs, how much do
you limit client connections:
Allow only those with (PTR and/or A) DNS records?
It's becoming common to reject clients with no PTR, but there are
still many legit hosts using an ISP that doesn't offer PTR. So this
is not universally acceptable and prone to false positives. This also
isn't terribly effective since many botted machines have proper DNS
entries.
It would be nice if all ISP's firewalled port 25 and offered a
self-service interface so the customer could unblock it if they run a
server. 99% of customers would never notice that port 25 was blocked.
Many do. That is why 587 is becoming popular for authenticated mail.
Without it, many users would notice, as they would no longer be able to
use their work's SMTP for those email addresses.
Richard
