On Sun, Apr 25, 2004 at 04:11:08PM -0500, Edgar Lovecraft wrote:
> > In particular, it is important to make sure that you can't deliver
> > arbitrary incoming mail on port 587, but that it can only be used for a
> > mail transaction once some form of authentication has taken place, or
> > spammers will just start using that, and we'll be back to where we
> > started. :-/
> Duh... That is what the standard is for ;)
> Anyone who implements a very poor MSA setup deserves what they get.
You're missing my point. The reason we have closed tcp/25 in various
places is to try and stop arbitrary delivery from within networks. If
people are implementing 587 allowing non-authenticated local delivery,
then eventually, these networks will be forced to block tcp/587 too.
So it doesn't just affect them (to deserve what they get), it affects
all of us.
MBM
--
Matthew Byng-Maddick <mbm@???> http://colondot.net/
(Please use this address to reply)
