Lyndon Nerenberg wrote:
Port 25 restrictions don't solve the problem. The real solution is for everyone to start leaning on their server vendors to deliver authenticated SMTP. If you restrict relaying to only work with authenticated connections, the problem goes away for the most part.
Port 25 restrictions did solve the problem. The problem was that we were being used for spamming. It was very expensive for us to deal with it. We cut it off. It worked. It solved the problem. This is simply a fact. These restrictions are certainly not the ultimate solution. But it will take time to get things like authenticated SMTP fully debugged and deployed. In the mean time is it unacceptable to have to deal with the spam complaints.
This solves another problem: mobile users. E.g., if I'm on the road doing corporate mail, I want to connect to my corporate mail server running encrypted SMTP. I certainly don't want my mail sitting on some random ISPs mail hub.
Then with port 25 restrictions, it should encourage them to implement and deploy it sooner. Then can use VPN tunnels, too. The alternatives exist.
I don't expect this to catch on in the client space in any major way until the issue is forced by the servers denying relay services to unauthenticated clients.
With the number of different points of administration for mail servers far exceeding the number of points of administration for dialup servers, it would take far more time and effort to ensure that all servers are closed off when the effort is directed at mail servers than at dialup. That does not mean I would suggest abandoning trying to make mail servers closed off for spammers. What I do propose, and do in practice, is both. Doing both increases the total effectiveness. -- -- *-----------------------------* Phil Howard KA9WGN * -- -- | Inturnet, Inc. | Director of Internet Services | -- -- | Business Internet Solutions | eng at intur.net | -- -- *-----------------------------* philh at intur.net * --