Jo Rhett wrote:
That's a hack with consequences. Like "just disable the firewall".
Uh, no ;-)
Lots of users of this host have Windows PCs, and running SA on all
outbound mail has both alerted them quickly to the problem and avoided
nailing other people with spam and/or virus runs.
Something seems out of order here.
First, even if this isn't what you meant, I must set the record
straight... requiring SMTP password-authentication is NOT a hack.
Instead, that is a security feature. I'm not sure if you meant that
differently, but I state this just to be on the safe side.
Second, you do require SMTP authentication, right? Because not doing so
would likely open up your server as an "open relay". Additionally, the
vast majority of the spams and viruses that you referred to would not
have a chance of using your server to nail "other people" with spams or
viruses if you required SMTP authentication.
Most not-large-isp mail servers do just fine NOT spam filtering SMTP
password-authenticated messages with many years going by between any
single incident of a spam or virus being sent from that server.
The main reason larger ISPs must do some spam filtering on their
outbound mail sent from members of that ISP is because
(a) they do NOT use SMTP password-authentication and, instead, allow
relaying simply based on the message originating from a particular block
of IPs (very bad form... but the large ISPs can't find an easy way to
convert millions of users over to SMTP authentication). If that is your
situation, then I probably stand corrected as far as your situation is
concerned.
..OR..
(b) they are a heavily abused service.. such as freemail providers where
criminals sign up to try to send spam. Therefore, they should do
outbound filtering even on authenticated mail.
Otherwise, SMTP password-authenticated e-mail should almost always not
be filtered, or be minimally filtered.
Rob McEwen
