Re: [Exim] AOL blocks SSL/TLS?

On Sun, 21 Apr 2002, Suresh Ramasubramanian wrote:

> +++ James P. Roberts <Sunday 21 April 2002 07:33 am>:
> > instead of my server! Yes, that's right, AOL actually dares to
> > hi-jack/intercept packets!!!! It is the moral equivalent of opening
> > someone else's mail, and not only that, but answering the sender on the
> > recipient's behalf, without the recipient ever seeing the mail!!!!!
>
> Better than the huge flood of skr1p7 k1dd33 attacks (and open relay hijackers)
> operating from AOL before they proxied things. And just _how_ many AOL users
> would normally know what a packet is, if it up and bit them on the ass? :)

Actually, its not a proxy server, its an actual SMTP relay. They force
all outbound SMTP traffic from their dialups through their own server.
Its their way of preventing their customers from hijacking open relays.

I'm fairly certain they dont proxy other traffic. Eg, you should be able
to telnet (or preferrably, ssh, of course) without your traffic being
hijacked. Its just port 25 thats affected. Of course, I havent had an
occasion to test this in quite a long time, so they might have made
their policy more stict since then..

> That said, set up exim to listen on the MSA port (587) as well. That should
> (ideally) solve the problem for you. And it is more RFC kosher than weird
> ports like 25000, 2525 etc.

I was also going to recommend this. Hopefully there wont be many open
relays listening on port 587, so this should never be a problem.