Blocking MX query

William Herrin bill at herrin.us
Tue Sep 4 12:22:39 CDT 2012


On Tue, Sep 4, 2012 at 10:44 AM, Jay Ashworth <jra at baylink.com> wrote:
>> There are no "good" subscribers trying to send email direct to a
>> remote port 25 from behind a NAT.
>
> Users, like myself, running Linux on home computers and laptops; our local
> sendmail-equivalents will in fact attempt direct delivery to remote SMTP MX
> servers, and we generally move around enough that setting a smarthost is
> semi-impractical, at least on laptops.
>
> I'm a bad subscriber, Bill?

Okay, fair enough. There are no good users *expecting* to send email
direct to a remote port 25 from behind a NAT. There are some good
users who occasionally run slightly sloppy configurations which might
attempt spurious port 25 connections.

Good to block port 25. Not good to knee-jerk ban users whose machines
happen to poke the port once or twice.

Regards,
Bill Herrin


-- 
William D. Herrin ................ herrin at dirtside.com  bill at herrin.us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004



More information about the NANOG mailing list