Author: Christian Schmidt Date: To: exim-users Subject: Re: [exim] Port Tests to Verify the Sending Hosts
Hallo John,
John W. Baxter, 10.03.2005 (d.m.y):
> First, Marc probably isn't planning to do this test with known white hat
> mail servers from large organizations (that well describes the type of site
> where inbound and outbound SMTP are separate IPs and the senders aren't
> listening on the inbound ports)...he probably skips a bunch of his
> server-related testing for those sites.
>
> Second, spam engines these days are "somewhat likely" to be found on
> infected Windows machines connected via DSL or Cable, and owned by Aunt Jane
> or Uncle Albert who never heard of "update" or "service pack" or "security"
> or "never open unknown attachments."
Mails from machines like these can often be rejected using DULs...
> In that environment, it is highly unlikely that the compromised computer is
> listening on port 465 (if it is, it's the spam engine doing it).
Or a slightly misconfigured "home server". You will almost never
definitely know - and that's why Marc's approach doesn't get my
sympathy...
> And it's
> also highly unlikely that even if the computer is listening, the world will
> see that. Few such machines are set up such that the world-facing IP is the
> machine's IP (our DSL users *can* set up that way...only one or two have,
> and neither Jane or Albert is capable of doing so--a Cable user may well not
> be able to, and many DSL users may not be able to either).
Many, but not all... ;-)
Regards,
Christian Schmidt
--
Lieber eine Glatze, als überhaupt keine Haare.
