Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: How do you stop outgoing spam?

  • From: Dave Crocker
  • Date: Tue Sep 17 23:37:18 2002

At 02:11 PM 9/16/2002 -0400, Greg A. Woods wrote:
> 2. The issue with email is authentication, not privacy.  Authentication can
> be achieved can be achieved easily over port 25, without encryption.

Well, no, not securely it can't.  You cannot have a secure authenticated
service running over a raw TCP circuit across public networks.
1. You are adding to the requirement. No matter how reasonable or advisable, encryption (privacy) is a separate function from authentication. And the rationale for doing port 25 port blocking has to do with accountability, not privacy.

2. Just so there is no confusion, I meant encryption as in privacy (content encryption) rather than as part of an authentication mechanism.

3. SMTPAUTH does not require an alternate port, yet it is sufficient for ensuring accountability. Hence it is sufficient for dealing with the reason that port 25 is blocked, without requiring that it be blocked.


>  Hence, blocking port 25 blocks legitimately validated email,
> as well as possible spam.

Well, yes, but obviously that doesn't matter.  This is the real world Dave.
Thanks for noticing that. That is why I keep citing the impact on real, mobile users and the implication for such minor opportunities such as wireless hotspots.

d/

----------
Dave Crocker <mailto:dave@tribalwise.com>
TribalWise, Inc. <http://www.tribalwise.com>
tel +1.408.246.8253; fax +1.408.850.1850





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.