spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Patrick Sneyers <cg...@bulckens.com>
Subject Re: What changes would you make to stop spam? - United Nations Paper
Date Wed, 02 Aug 2006 07:58:13 GMT

Op 2-aug-06, om 07:31 heeft Tom Ray het volgende geschreven:

>> Totalitarian regimes will *love* that one. ISPs will hate it.
>>
>>
> Hate to break the news to you but many ISPs are already not  
> allowing their users to connect via port 25 outside their networks.  
> Comcast has done it, as have a few others already. I run into this  
> a lot because I'm also a hosting company and offer SMTP Auth but  
> many customers have issues because they can't connect to port 25 on  
> my mail server. I also totally agree with this practice, if they  
> are going to be on the hook for something their users did then they  
> need to keep a watchful eye on their customers.
>
> ISPs don't hate this considering that many ISPs now do hosting,  
> it's a way for them to get their customers to bring the hosting  
> over to them also.

Dynamic IP users are not allowed to send mail directly. Any MTA  
should be behind static IP with proper DNS and PTR. What's wrong with  
that?

All major ISP's in Belgium do this. We use a "high" SMTP port + SMTP- 
AUTH for our mobile users, so they can use the company MTA as a relay.
The day the one major DSL ISP started blocking 25 a couple of years  
ago, incoming virus count dropped by about 90%.

As a SMB, we run our own MTA. We recently started blocking all hosts  
without PTR. Email _is_ critical to the business, rather have a bunch  
of FN's then one FP, so we are careful not to drop a mail too many.  
No complaints so far.

To contribute to the original request:
Require all legitimate MTA to greet with a valid hostname, whose IP  
points back to that hostname. And then block anything that doesn't  
meet this requirement.


Patrick Sneyers
Belgium



Mime
View raw message