Keep me in CC.
> > If I ran an ISPs mail server, I would:
> > 1) disallow connections to port 25 from my customers
> > 2) have my customers use port 587 (MSA), require authentication, and only
> > allow the sender to be the authenticated sender (to prevent spoofing.
> > NULL senders would be ok)
> > 3) port 25 would never relay under any circumstances (that is excluding
> > domains that I mx for)
> > 4) deny access to port 25 to the internet from my customers. I would allow
> > this for dedicated (static IP) users so they could host their own server.
> > however, they would be responcible for security of their system (IE no
> > open relay)
> >
> > Ok, you may ask why I'd do #1. Simple, It would stop virus email from ever
> > being sent out from a customer. The exception is the virus that uses the
> > user's MUA. If the user does not store their password, no problem. #4
> > would prevent an emailing virus from spreading (given what I stated before)
>
> And what about viruses having their own SMTP engine?
That was the idea. It would stop those cold.
if the virus can't contact any server via port 25, how will it spread via
email with it's own engine? that's basically what 1 and 4 were for (I guess
3 would add to it).
--
Lab tests show that use of micro$oft causes cancer in lab animals
