nanog mailing list archives
RE: Outgoing SMTP Servers
From: John van Oppen <jvanoppen () spectrumnet us>
Date: Wed, 26 Oct 2011 21:12:07 +0000
On our retail footprint we block outbound traffic from customers with dynamic IPs towards port 25, our support tells them to use their ISP's port 587 server.... That being said, since all of our home users have 50 mbit/sec or greater upload speeds we are pretty paranoid about the amount of spam that could be originated. We don't block anything on static assignments. Honestly, even as a very geeky user, I probably would not have noticed the block and I can confirm that it is massively important to lowering our spam footprint as a network. I asked our support people, and none of them had ever really had an issue with this policy in terms of keeping customers. I agree with Ricky's current comment on this thread, blocking is unfortunately necessary on the modern consumer portions of the internet. Thanks, John van Oppen -----Original Message----- From: Owen DeLong [mailto:owen () delong com] Sent: Monday, October 24, 2011 9:37 PM To: Dennis Burgess Cc: nanog () nanog org Subject: Re: Outgoing SMTP Servers On Oct 24, 2011, at 9:29 PM, Dennis Burgess wrote:
I am curious about what network operators are doing with outbound SMTP traffic. In the past few weeks we have ran into over 10 providers, mostly local providers, which block outbound SMTP and require the users to go THOUGH their mail servers even though those servers are not responsible for the domains in question! I know other mail servers are blocking non-reversible mail, however, is this common? And more importantly, is this an acceptable practice?
It's both unacceptable in my opinion and common. There are even those misguided souls that will tell you it is best practice, though general agreement, even among them seems to be that only 25/tcp should be blocked and that 465 and 587 should not be blocked.
Most of our smaller ISPs that we support; we allow any outbound SMTP connection, however we do watch residential users for 5+ outbound SMTP connections at the same time. But if the ISP has their own mail
servers, and users wish to relay though them, we basically tell them to use their mail server that they contract with. What is the best practice?
Best practice is to do what works and block as much SPAM as possible without destroying the internet in the process. There are those who argue that blocking 25/tcp does not destroy the internet. By and large, they are the same ones who believe NAT was good for us. Owen
Current thread:
- Outgoing SMTP Servers Dennis Burgess (Oct 24)
- Re: Outgoing SMTP Servers Owen DeLong (Oct 24)
- RE: Outgoing SMTP Servers Dennis Burgess (Oct 24)
- Re: Outgoing SMTP Servers Bjørn Mork (Oct 25)
- Re: Outgoing SMTP Servers Carlos Martinez-Cagnazzo (Oct 25)
- RE: Outgoing SMTP Servers Dennis Burgess (Oct 25)
- Re: Outgoing SMTP Servers David E. Smith (Oct 25)
- Re: Outgoing SMTP Servers Carlos Martinez-Cagnazzo (Oct 26)
- Re: Outgoing SMTP Servers Randy Bush (Oct 25)
- Re: Outgoing SMTP Servers Owen DeLong (Oct 24)
- Re: Outgoing SMTP Servers Jeroen van Aart (Oct 25)
- RE: Outgoing SMTP Servers John van Oppen (Oct 26)
- RE: Outgoing SMTP Servers up (Oct 26)
- Re: Outgoing SMTP Servers Owen DeLong (Oct 25)
- Re: Outgoing SMTP Servers Aftab Siddiqui (Oct 25)
- Re: Outgoing SMTP Servers Scott Howard (Oct 26)
- Re: Outgoing SMTP Servers Jeff Kell (Oct 26)