Full Disclosure mailing list archives
Re: Proposal: how to notify owners of compromised PC's
From: Phil Brutsche <phil () tux obix com>
Date: Wed, 28 Jan 2004 17:37:59 -0600
petard wrote:
Sorry for a borderline off-topic reply, but I'm cc-ing the list so this is in the archives, in case any stupid ISP reads this and thinks it's a good idea. It isn't.
<sending this to the list as well, since not enough people are doing the proper research>
I left my ISP about 9 months ago because they implemented this very policy. It entirely destroyed my ability to send email from my preferred address. Our SMTP setup at example.com relays mail from people claiming to be @example.com if and only if they have been authenticated using a client X.509 certificate issued by the example.com root certificate authority.
Then put SMTP on a different TCP port. RFC 2476, which specifies TCP port 587 to be a message submission port for MUAs, was specifically created to address this issue.
-- Phil Brutsche phil () tux obix com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Proposal: how to notify owners of compromised PC's Erik van Straten (Jan 28)
- <Possible follow-ups>
- Re:Proposal: how to notify owners of compromised PC's Thomas Zangl - Mobil (Jan 28)
- Re: Re:Proposal: how to notify owners of compromised PC's Jonathan A. Zdziarski (Jan 28)
- Re:Proposal: how to notify owners of compromised PC's Erik van Straten (Jan 28)
- Re: Proposal: how to notify owners of compromised PC's petard (Jan 28)
- Re: Proposal: how to notify owners of compromised PC's Phil Brutsche (Jan 28)
- Re: Proposal: how to notify owners of compromised PC's petard (Jan 28)
- Re: Proposal: how to notify owners of compromised PC's Phil Brutsche (Jan 29)
- Re: Proposal: how to notify owners of compromised PC's Åke Nordin (Jan 29)
- Re: Proposal: how to notify owners of compromised PC's petard (Jan 28)
- Re: Proposal: how to notify owners of compromised PC's Dave Sherohman (Jan 29)