Valdis.Kletnieks@vt.edu wrote:
On Fri, 25 Feb 2005 12:56:50 EST, andrew2@one.net said:
Sorry, I misread that. But I still fail to see how 587 changes that. Trojans, viruses, etc. etc. etc. can still exploit the authentication system regardless of what port it operates on. Different port, same old problems.
It changes it only in that it becomes a *lot* easier for you to track down which of your users has a compromised machine. (It's a lot easier to just look at the Received: headers than have to take the hostname, chase it back through your logs, and all that - especially if the user is roaming and just caught something over their Aunt Tilly's unsecured wireless access point....)
Yes. Authenticated SMTP makes tracking down which of your users is doing the spamming easier. But you're assuming that SMTP AUTH isn't being used on port 25 already. You can do SMTP AUTH just as easily on port 25 without having to re-educate your users and still net the same simplified tracking procedures that you mention. It sounds to me like what we should really be talking about is getting MTA operators to begin using SMTP authentication of some kind (any kind!), rather than harping on whether or not MTA's should accept mail on port 587... Andrew