SMTP authentication for broadband providers
Dan Ellis
ellis at corp.ptd.net
Thu Feb 12 19:30:53 UTC 2004
First, a quick thanks to everyone that responded. I've received useful and excellent info from everyone.
We do not block on 25 outbound/inbound, but we are considering it for the residential broadband connections - maybe filter, proxy, or at least monitor it.
I should clarify one thing: We are considering REQUIRING SMTPAUTH for all connections from customers for relaying - whether they are on our IP space or not. I know this will only buy us a few months until the next round of viruses steal username/pass, but even then it will give us the ability to detect an infected/SPAMMING customer quicker and auto shut them down (vs having to shutdown the IP, and then the customer receives a new IP...)
My question is: Have any or many of the larger ISP's gone the route of REQUIRING all customers to use SMTPAUTH - regardless of where they are connected. Can anyone disclose who these regional or national providers are?
Thanks again
--Dan
--
Daniel Ellis, CTO, PenTeleData
(610)826-9293
> -----Original Message-----
> From: Florian Weimer [mailto:fw at deneb.enyo.de]
> Sent: Thursday, February 12, 2004 2:01 AM
> To: Dan Ellis
> Cc: nanog at merit.edu
> Subject: Re: SMTP authentication for broadband providers
>
> Dan Ellis wrote:
>
> > We're a medium sized regional MSO/broadband provider with 200k+
> > mailboxes, strongly considering enabling SMTP authentication on our
> > customer-facing SMTP mail servers. We feel this is the next logical
> > step to minimize our users UCE/virus impact (we already tarpit, virus
> > scan, UCE scan, subscribe to RBL's, reject prior to SMTP close).
>
> Do you block incoming 25/TCP connections from customers? Some of your
> hosts are listed on my mass-market IP access blacklist, so you probably
> don't. 8-)
>
> IMHO, this is one of the next thing to consider if you want to reduce
> the volume of unwanted email originating from your network. There's an
> intermediate step: monitoring TCP/25 flows. The initial setup costs are
> much lower, but the operating costs are higher and the effect is less
> thorough.
>
> > Is anyone aware of any well known mail clients that do not support SMTP
> > authentication (Unix, Windows or Mac)?
>
> qmail (as usual).
More information about the NANOG
mailing list