Blocking MX query
bill at herrin.us
Tue Sep 4 17:22:39 UTC 2012
On Tue, Sep 4, 2012 at 10:44 AM, Jay Ashworth <jra at baylink.com> wrote:
>> There are no "good" subscribers trying to send email direct to a
>> remote port 25 from behind a NAT.
> Users, like myself, running Linux on home computers and laptops; our local
> sendmail-equivalents will in fact attempt direct delivery to remote SMTP MX
> servers, and we generally move around enough that setting a smarthost is
> semi-impractical, at least on laptops.
> I'm a bad subscriber, Bill?
Okay, fair enough. There are no good users *expecting* to send email
direct to a remote port 25 from behind a NAT. There are some good
users who occasionally run slightly sloppy configurations which might
attempt spurious port 25 connections.
Good to block port 25. Not good to knee-jerk ban users whose machines
happen to poke the port once or twice.
William D. Herrin ................ herrin at dirtside.com bill at herrin.us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004
More information about the NANOG