On Sep 3, 2008, at 12:49 PM, Jay R. Ashworth wrote:
On Wed, Sep 03, 2008 at 09:40:20AM -0700, Michael Thomas wrote:
"Allowing unfiltered public access to port 25 is one of the things that increases everyone's spam load, and your ISP is trying to be a Good Neighbor in blocking access to anyone's servers but their own; many ISPs are moving towards this safer configuration. We're a good neighbor, as well, and support Mail Submission Protocol on port 587, and here's how you set it up -- and it will work from pretty much anywhere forever."
I think this all vastly underrates the agility of the bad guys. So lots of ISP's have blocked port 25. Has it made any appreciable difference? Not that I can tell. If you block port 25, they'll just use another port and a relay if necessary.
You're forgetting that 587 *is authenticated, always*.
I'm not sure how that makes much of a difference since the usual spam vector is malware that has (almost) complete control of the machine in the first place.