Customer-facing ACLs
Christopher Morrow
morrowc.lists at gmail.com
Tue Mar 11 02:33:06 UTC 2008
On Mon, Mar 10, 2008 at 7:58 PM, Ang Kah Yik <mailinglist at bangky.net> wrote:
>
> Hi Justin (and all others on-list)
>
> I understand your grounds for blocking outbound SMTP for your customers
> (especially those on dynamic IP connections).
> It probably will do good to block infected customers that are spewing
> spam all over the world.
>
> However, considering the number of mobile workers out there who send
> email via their laptops to corporate SMTP servers, won't blocking
> outbound SMTP affect them?
>
vpns fix this...
> Since these corporate types (I'm guessing here) are probably unaware of
> how to change their email client's SMTP configurations, chances are that
> blocking outbound SMTP will probably cause quite a lot of pain.
>
uunet dialup has blocked port25 in both directions since 2002...
little to no complaints. (well, they may have received complaints
since I left, but... thank John StClair for the work behind that
filtering actually.)
> After all, there are also those who frequently move from place to place
> so they're going to have to keep changing SMTP servers every time they
> go to a new place that's on a different ISP.
>
many config's actually just use WCCP to transparently redirect your
smtp to an authorized SMTP server as Andy Dills points out.
-Chris
More information about the NANOG
mailing list