Misguided SPAM Filtering techniques
Owen DeLong
owen at delong.com
Wed Oct 24 00:14:06 UTC 2007
On Oct 23, 2007, at 1:48 PM, Christopher Morrow wrote:
> On 10/23/07, Jack Bates <jbates at brightok.net> wrote:
>> I really don't get it. While I understand with tcp/25 blocking,
>> there is
>> absolutely no reason to block tcp/587. If credential's are being
>> hijacked, it is
>
> morrowc$ telnet mail.ops-netman.net 26
> Trying 71.246.230.124...
> Connected to mail.ops-netman.net.
> Escape character is '^]'.
> 220 A host is a host from coast to coast... Hosty-host ESMTP...
>
> why don't people just run a new version of their MTA on a port
> not-filtered?? The simple fact is that port-25 filtering does help, it
> does also seem to piss off some portion of 'smart folks' (power users,
> whatever you choose to call them). So, being smart, just work your
> box(es) such that this isn't a problem for you?
>
I want to make it clear... I don't mind people filtering either 25 or
587,
but, blocking both is highly unacceptable. Even more unacceptable
in my opinion is hijacking connections to either off to your own
man-in-the-middle attack server.
Owen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2481 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20071023/aecd51ad/attachment.bin>
More information about the NANOG
mailing list