-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
William Astle wrote: > Gustin Johnson wrote: >> Even though I have provided a work around (the ports 587 and 465) for my >> clients, how long until the spammers begin to use these ports as well? >> At best this policy of Shaw's provides short term respite while doing >> nothing to combat the actual problem. I would rather they spend our >> money more effectively. > > 587 is not supposed to accept anything at all unless it is > authenticated. If you've simply deployed it as a clone of port 25, you > should probably consider changing it to require authentication and not > accept local mail delivery (unless it's authenticated of course). I have seen a few cases already where 587 was simply a clone of 25. I assume nothing here :) > Assuming[1] the majority of people deploy 587 correctly (authenticated > submissions only), there's no percentage for the spammers to switch to > using it. And yes, I am practicing what I preach here; my servers do > require authentication on port 587. It was a trivial[2] configuration > change. As always, RTFM is almost never a bad thing, unless the funny manual is dead wrong... > All that said, as has been pointed out recently, there is really no gain > to arguing about the merits of Shaw's policy. Even NANOG[3] differs[4] > on whether that's a good idea. > > I now return you to your regularly scheduled list traffic. > > > [1] Yes, we all know what happens when you assume > > [2] It required reading documentation on sendmail and adding a single > flag to the port options for 587. If you're using something else, it > should be the same process. Read the documentation and then implement it. > > [3] North American Network Operators Group (www.nanog.org) > > [4] has flame wars about At least our discussion is still civil :) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGeFMOwRXgH3rKGfMRAmxyAJ9cpJ1BhUIUB3dBxMEzdsb1iU4MSQCggCuE 6EZKudoYQ6K6py8JswQytyg= =Slfz -----END PGP SIGNATURE----- _______________________________________________ clug-talk mailing list [email protected] http://clug.ca/mailman/listinfo/clug-talk_clug.ca Mailing List Guidelines (http://clug.ca/ml_guidelines.php) **Please remove these lines when replying
