North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: How do you stop outgoing spam?
- From: Dave Crocker
- Date: Tue Sep 17 23:37:18 2002
At 02:11 PM 9/16/2002 -0400, Greg A. Woods wrote:
1. You are adding to the requirement. No matter how reasonable or
advisable, encryption (privacy) is a separate function from
authentication. And the rationale for doing port 25 port blocking has to
do with accountability, not privacy.
> 2. The issue with email is authentication, not privacy. Authentication can
> be achieved can be achieved easily over port 25, without encryption.
Well, no, not securely it can't. You cannot have a secure authenticated
service running over a raw TCP circuit across public networks.
2. Just so there is no confusion, I meant encryption as in privacy
(content encryption) rather than as part of an authentication mechanism.
3. SMTPAUTH does not require an alternate port, yet it is sufficient for
ensuring accountability. Hence it is sufficient for dealing with the
reason that port 25 is blocked, without requiring that it be blocked.
Thanks for noticing that. That is why I keep citing the impact on real,
mobile users and the implication for such minor opportunities such as
> Hence, blocking port 25 blocks legitimately validated email,
> as well as possible spam.
Well, yes, but obviously that doesn't matter. This is the real world Dave.
Dave Crocker <mailto:firstname.lastname@example.org>
TribalWise, Inc. <http://www.tribalwise.com>
tel +1.408.246.8253; fax +1.408.850.1850