How do you stop outgoing spam?
Brad Knowles
brad.knowles at skynet.be
Tue Sep 17 16:30:36 UTC 2002
At 10:26 AM -0700 2002/09/15, Dave Crocker wrote:
> 2. The issue with email is authentication, not privacy.
> Authentication can be achieved can be achieved easily over port
> 25, without encryption. Hence, blocking port 25 blocks
> legitimately validated email, as well as possible spam.
True enough. However, there are no intelligent transparent
proxies that I know of which will allow authenticated and/or
link-encrypted port 25 connections through to the indicated site, and
shunt the non-authenticated/non-encrypted sessions to the side.
Since this information is only available at the IP level, this is not
something you can fix inside the SMTP MTA -- the critical information
is destroyed before then.
I imagine if you could get cisco (and other vendors) to fix their
transparent proxy server software to be more intelligent, that would
fix the problem.
--
Brad Knowles, <brad.knowles at skynet.be>
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
-Benjamin Franklin, Historical Review of Pennsylvania.
GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E W+++(--) N+ !w---
O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++)
tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)
More information about the NANOG
mailing list