On Oct 23, 2007, at 1:28 AM, Adrian Chadd wrote:
On Tue, Oct 23, 2007, Dave Pooser wrote:
It seems to me that blocking port 25 by default and unblocking on request would be an ideal low-maintenance solution that would reduce spam considerably, and has the added benefit of being on-topic for NANOG.
For those of you who run Cisco kit; you can also use WCCPv2 to redirect 25/TCP -in hardware path without policy routing- to a farm of servers. Its actually documented in the WCCPv2 specification - you can redirect arbitrary TCP/UDP ports. Think of the possibilities. (I don't think the CRS does WCCP :P but it'll be in hardware path on 6500/7600 on anything >= SUP2/PFC2; 3560/3750/4500/4948; It'll also be in CEF path IIRC on software platforms.)
This behavior is exactly the kind of irritating misguided action which launched my initial complaint. The problem is that your server farm won't match my expectations for STARTTLS, which then prevents me from engaging SMTPAUTH and sending my mail. My mail severs aren't open relays, but, I am able to send email through them from any non-broken internet connection. The issue is the increasingly high percentage of internet connections which are becoming broken. So far, the only "justification" for this behavior posted is the inability of the folks in Redmond to deliver non-broken software such that a large enough fraction of portable machines are able to "credential hijack" from stored credentials on the machine and impersonate the operator while botted. I really wish we could find a way to punish the folks in Redmond and the people whose hosts are botted instead of punishing everyone else for their errors. Owen