Re: [EXIM] (un)blocking dynamic IP addresses [Was: A way to …

Top Page
Delete this message
Reply to this message
Author: Exim Users Mailing List
Date:  
To: exim-users
Subject: Re: [EXIM] (un)blocking dynamic IP addresses [Was: A way to do this?]
[ On Tuesday, April 20, 1999 at 16:54:02 (+0100), Chris Bannister wrote: ]
> Subject: Re: [EXIM] (un)blocking dynamic IP addresses [Was: A way to do this?]
>
> On 20 Apr 99, at 8:19, michael@??? wrote:
>
> > I do not redirect port 25, because I want users to be free to send mail on
> > their own, but most people use that for spamming through open relays.
>
> They do? Where are the figures that you base this assumption on?
> Anyone running an open relay deserves any problems they are having.
> There are guides for every MTA I have seen to secure the relaying to
> those hosts/networks you wish to provide relaying.


Most people don't know they're running an open relay until the
complaints start flooding in, and even then some of them don't realize
what's really going on (often because they get all worked up over the
complaints and fail to see the facts). Until very recently 99% of the
installations of the most common MTA on the Internet defaulted to
running open, and until recently most of the alternative mailers,
especially those that might run on non-Unix platforms, could not be
configured to block open relaying.

Even though newer mailers like Exim were quick to respond to the need
for default blocking of open relaying, you cannot assume that everyone
is even able to close down their own mailer on quick notice, never mind
that mailer's come that way by default because many don't (yet).

99.9% of the spam I get that's forwarded through open relays comes from
"throw-away" accounts on one of the big end-user dial-up providers.
I've heard all kinds of excuses from these providers too, from forged
credit card numbers to free trial accounts and such, but most of them
are the "$9.95/month" variety that anyone can get with a quick phone
call.

> If my ISP redirected my port 25 connections, I'd have to contact them
> to find out a) if the router that is doing the redirection has
> failed, and b) if there mail server has failed. I'd rather not have
> this extra layer of hardware/software to contend


Not quite. You'd be able to see what you connected to when you tried to
connect to some arbitrary host's port-25, and if you get a banner from
your ISP's mail server then you know exactly who to contact and what to
ask them. Sure it's nice to have free access to the net, but you get
what you pay for.

-- 
                            Greg A. Woods


+1 416 218-0098      VE3TCP      <gwoods@???>      <robohack!woods>
Planix, Inc. <woods@???>; Secrets of the Weird <woods@???>


--
*** Exim information can be found at http://www.exim.org/ ***