John Rudd wrote:
Robert - eLists wrote:
What stops your customers from submitting to port 25 on your port 25
machines, when they're out roaming (ie. not on an IP address from which
you have blocked port 25 traffic)?
What stops them from submitting on port 25 is admin-ing it so that
"no smtp
auth" is available on port 25
That wont stop them from submitting on port 25. That will stop them
from relaying through port 25. So this wont "isolate viruses", as the
virus can still run rampant through your own user base.
Really. This isn't an anti-virus solution. It's an anti-relaying
solution.
The idea is that you would close port 25 to consumers as part of the
solution. Actually ideally all cable modems and DSL modems should
provide NAT and have port 25 closed by default. But it should be
settable so people who are sharp can turn off the blocking. But you have
to be smart enough to decide to do that.
The idea is that most people using email are dumb consumers who don't
know and don't care what a port is. And if the world were set up by
default to let them talk on port 587 to their SMTP server then they
don't need to know they don't have port 25 access. This would isolate
viruses and if you can create some significant isolation then the bot
armies die out. Viruses is something that can be beaten.
- Re: Re Thoughts on Isolating Viruses - Port 587 Submission Marc Perkel
-
