Charter blocking Port 25
Jeroen Massar
jeroen at unfix.org
Thu Jun 10 15:26:35 UTC 2004
On Thu, 2004-06-10 at 16:28, Todd Vierling wrote:
> On Wed, 9 Jun 2004, matthew zeier wrote:
>
> : But this is different - I'm not running a mail server -on- my Cox
> : connection. I'm running one external to Cox but I can't connect to
> : port 25 on it.
>
> That's why port 587 was invented. It's the MSA (mail *submission* agent)
> port, intended only for initial injection of mail into the SMTP delivery
> network. Learn it, believe it, use it. 8-)
Mail *SPAM* Agent? ;) when spammers also start probing for that port...
A site that has a bad port 25 policy also will likely also have a bad
MSA policy. MSA's can also be open relays just like standard port 25.
Splitting submission from transfer seems like a good idea though, but
in the light of good MTA's, so that the MSA don't need to add a handfull
of headers and also SMTP-AUTH and TLS it doesn't make much difference.
Requiring *Authentication*, may that be on 25 or 587, is the way to go
here... but then still that 'neighbor' will have a misconfig and spam
straight away. Not even talking about the bots.
Greets,
Jeroen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 240 bytes
Desc: This is a digitally signed message part
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20040610/4fa6cd07/attachment.sig>
More information about the NANOG
mailing list