nanog mailing list archives
Re: Outgoing SMTP Servers
From: Graham Beneke <graham () apolix co za>
Date: Wed, 26 Oct 2011 06:29:04 +0200
On 26/10/2011 04:35, Blake Hudson wrote:
An infected machine can just as easily send out mail on port 587 as it can using port 25. It's not hard for bot net hearders to come up with a list of valid credentials stolen from email clients, via key loggers, or simply guessed through probability. I see it every day.
The difference is that it is the relay that accepts the spam on 587 that ends up on the blacklists. A mail server with a sysadmin that might care and probably sees business impact in not fixing the problem. As apposed to an end user that doesn't give a hoot. Compromised mail authentication details are quick and easy to take down. A server mis-configured as an open relay on 587 is a one time fix. End users infected with nasties are a support desk blackhole. Hours of time explaining to moms and pops how to download anti-virus and install it and configure it and run it... -- Graham Beneke
Current thread:
- Re: Outgoing SMTP Servers, (continued)
- Re: Outgoing SMTP Servers William Herrin (Oct 28)
- Re: Outgoing SMTP Servers Mike Jones (Oct 28)
- Re: Outgoing SMTP Servers Brian Johnson (Oct 28)
- RE: Outgoing SMTP Servers McCall, Gabriel (Oct 28)
- Re: Outgoing SMTP Servers Jay Ashworth (Oct 30)
- RE: Outgoing SMTP Servers Tim (Oct 25)
- Re: Outgoing SMTP Servers Leigh Porter (Oct 26)
- Re: Outgoing SMTP Servers Blake Hudson (Oct 25)
- Re: Outgoing SMTP Servers J (Oct 25)
- Re: Outgoing SMTP Servers Blake Hudson (Oct 25)
- Re: Outgoing SMTP Servers Graham Beneke (Oct 25)
- Re: Outgoing SMTP Servers J (Oct 25)
- Re: Outgoing SMTP Servers Robert Drake (Oct 25)