North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: short Botnet list and Cashing in on DoS

  • From: Bill Stewart
  • Date: Mon Oct 11 13:55:06 2004

On Sun, 10 Oct 2004 15:06:17 -0400, James Baldwin <jbaldwin@antinode.net> wrote:
> 
> Pardon for my possibly ill informed interjection. I was under the
> impression that the current wind was blowing towards filtering outbound
> port 25 traffic while allowing outbound authenticated port 587 traffic?
> The though being that while this was not a FUSSP, it help to prevent
> unauthenticated "direct to mx" abuses.

Well, the wind blows where it wants...  
587 and its relatives are useful for enterprise firewall penetration
as well as for
environments where ISPs incorrectly block port 25, and they make it
possible to do
SPF and similar sender-ID protocols in those environments (which are
otherwise awkward.)
For an ISP, you don't just "allow" 587 - the normal definition of
Internet service is
to allow everything unless there's a good reason not to, as opposed to
deny-most firewalls.

We've had the "blocking port 25" discussion too many times before, and
I'll second
Paul Vixie's call to go implement BCP38 first.
----
             Thanks;     Bill

Note that this isn't my regular email account - It's still experimental so far.
And Google probably logs and indexes everything you send it.