On Tue, Sep 4, 2012 at 10:44 AM, Jay Ashworth <jra@baylink.com> wrote:
There are no "good" subscribers trying to send email direct to a remote port 25 from behind a NAT.
Users, like myself, running Linux on home computers and laptops; our local sendmail-equivalents will in fact attempt direct delivery to remote SMTP MX servers, and we generally move around enough that setting a smarthost is semi-impractical, at least on laptops.
I'm a bad subscriber, Bill?
Okay, fair enough. There are no good users *expecting* to send email direct to a remote port 25 from behind a NAT. There are some good users who occasionally run slightly sloppy configurations which might attempt spurious port 25 connections. Good to block port 25. Not good to knee-jerk ban users whose machines happen to poke the port once or twice. Regards, Bill Herrin -- William D. Herrin ................ herrin@dirtside.com bill@herrin.us 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004