Why do so few mail providers support Port 587?
andrew2 at one.net
andrew2 at one.net
Fri Feb 25 19:45:40 UTC 2005
Valdis.Kletnieks at vt.edu wrote:
> On Fri, 25 Feb 2005 12:56:50 EST, andrew2 at one.net said:
>
>> Sorry, I misread that. But I still fail to see how 587 changes that.
>> Trojans, viruses, etc. etc. etc. can still exploit the authentication
>> system regardless of what port it operates on. Different port, same
>> old problems.
>
> It changes it only in that it becomes a *lot* easier for you
> to track down which of your users has a compromised machine.
> (It's a lot easier to just look at the Received: headers than
> have to take the hostname, chase it back through your logs,
> and all that - especially if the user is roaming and just
> caught something over their Aunt Tilly's unsecured wireless
> access point....)
Yes. Authenticated SMTP makes tracking down which of your users is
doing the spamming easier. But you're assuming that SMTP AUTH isn't
being used on port 25 already. You can do SMTP AUTH just as easily on
port 25 without having to re-educate your users and still net the same
simplified tracking procedures that you mention. It sounds to me like
what we should really be talking about is getting MTA operators to begin
using SMTP authentication of some kind (any kind!), rather than harping
on whether or not MTA's should accept mail on port 587...
Andrew
More information about the NANOG
mailing list