Re: Mail Submission Protocol

[Leen Besselink <leen () consolejunkie net>]

On Wed, Apr 21, 2010 at 10:05:34AM -0400, Mike Walter wrote:
> We have had very good luck with using port 587 and requiring the users
> to authenticate to send email from outside our network. 
>
> Inside customers, we have not changed to force port 587 and
> authentication for email clients, but the topic has come up in
> discussions.  This won't of course, stop spammers if they are hijacking
> the users local email client settings.

It does however help find the user more easily (if the mailserver logs the username),
you can even automate sending an email to them and block them from sending any further
email (with exception to support-staff for example).

> -Mike
>
> -----Original Message-----
> From: Claudio Lapidus [mailto:clapidus () gmail com] 
> Sent: Wednesday, April 21, 2010 9:49 AM
> To: nanog () nanog org
> Subject: Mail Submission Protocol
>
> Hello all,
>
> At our ISP operation, we are seeing increasing levels of traffic in our
> outgoing MTA's, presumably due to spammers abusing some of our
> subscribers'
> accounts. In fact, we are seeing connections from IPs outside of our
> network
> as many as ten times of that from inside IPs. Probably all of our
> customers
> are travelling abroad and sending back a lot of postcards, but just in
> case... ;-)
>
> So we are considering ways to further filter this traffic. We are
> evaluating
> implementation of MSA through port 587. However, we never did this and
> would
> like to know of others more knowledgeable of their experiences. The
> question
> is what best practices and stories do you guys have to share in this
> regard.
> Also please let me know if you need additional detail.
>
> thanks in advance,
> cl.