nanog mailing list archives
Re: ingress SMTP
From: Joel Jaeggli <joelja () bogus com>
Date: Wed, 10 Sep 2008 17:20:58 -0700
Jay R. Ashworth wrote:
On Wed, Sep 03, 2008 at 12:58:53PM -0400, Nicholas Suan wrote:On Sep 3, 2008, at 12:49 PM, Jay R. Ashworth wrote:You're forgetting that 587 *is authenticated, always*.I'm not sure how that makes much of a difference since the usual spam vector is malware that has (almost) complete control of the machine in the first place.Well, that depends on MUA design, of course, but it's just been pointed out to me that the RFC says MAY, not MUST. Oops. Does anyone bother to run an MSA on 587 and *not* require authentication?
All my normal relay or lack thereof and delivery rules are in place on my 587 port. Of course muas's and mtas will also do tls as well as authentication over port 25 where available. I don't sea any reason to preclude a host that would be allowed to relay via 25 to do so via 587... Congruent policy makes administration simpler.
Cheers, -- jra
Current thread:
- Re: ingress SMTP, (continued)
- Re: ingress SMTP Justin Scott (Sep 03)
- Re: ingress SMTP Alan Hodgson (Sep 03)
- Re: ingress SMTP Jay R. Ashworth (Sep 03)
- Re: ingress SMTP Michael Thomas (Sep 03)
- Re: ingress SMTP Jay R. Ashworth (Sep 03)
- Re: ingress SMTP Nicholas Suan (Sep 03)
- Re: ingress SMTP Jay R. Ashworth (Sep 03)
- Re: ingress SMTP Valdis . Kletnieks (Sep 03)
- Re: ingress SMTP Tony Finch (Sep 04)
- Re: ingress SMTP David Champion (Sep 04)
- Re: ingress SMTP Joel Jaeggli (Sep 10)
- Re: ingress SMTP Robert E. Seastrom (Sep 11)
- Re: ingress SMTP Bill Stewart (Sep 12)
- Re: ingress SMTP Mark Foster (Sep 12)
- Re: ingress SMTP Matthew Moyle-Croft (Sep 12)
- RE: ingress SMTP Frank Bulk (Sep 13)
- Re: ingress SMTP Matthew Moyle-Croft (Sep 13)
- Re: ingress SMTP Suresh Ramasubramanian (Sep 13)
- RE: ingress SMTP Frank Bulk (Sep 13)
- Re: ingress SMTP Alec Berry (Sep 03)
- Re: ingress SMTP Stephen Sprunk (Sep 03)