Time to check the rate limits on your mail servers

Nils Ketelsen nils.ketelsen at kuehne-nagel.com
Thu Feb 3 19:06:37 UTC 2005


On Thu, Feb 03, 2005 at 12:26:55PM -0500, Valdis.Kletnieks at vt.edu wrote:

> On Thu, 03 Feb 2005 12:16:41 EST, Jason Frisvold said:
> > Agreed.  And depending on your service, there are different ports
> > worth blocking.  For residential users, I can't see a reason to not
> > block something like Netbios.  And blocking port 25 effectively
> > prevents zombies from spamming.  Unfortunately, it also blocks
> > legitimate users from being able to use SMTP AUTH on a remote server..
> There's a *reason* why RFC2476 specifies port 587....


IIRC the starting point of this thread was, that Spammers now learned
to use the smarthost of the clients. When they are using that, why is it
more difficult for them to send their junk on port 587 instead of port 25?

As soon as the spammers on a big scale learn to use the same traffic
path the mailclients do, instead looking up MXes themselves,
this switching ports and blocking 25 that is proposed, will cause a lot of
work without any benefit. Same goes for SPF, BTW.

Only thing that puzzles me is, why it took spammers so long to go in
this direction.


Nils



More information about the NANOG mailing list