At 3/4/04 8:15 AM, Colin Viebrock wrote: >The problem, I guess, is that if there is a "standard" port for SMTP >(25) and a "standard alternative" port for SMTP (587), then ISPs are >going to start blocking both.
This is a common misconception, but just the opposite is true: port 587 is intentionally intended to be left open when port 25 is blocked. Port 587 must be configured to only accept authenticated outgoing mail from users known to the system -- it does not accept unauthenticated incoming mail, so it can't be used for spam. So the reason for port 587 is specifically to make sure that there is an open port allowing authenticated mail submission when port 25 is blocked. Major ISPs know not to block it; for example, there was recently a statement from AOL on SPAM-L saying that their customers who need to bypass port 25 blocking should use port 587 instead, because AOL intentionally leaves that open for this purpose. >I think a combination of SPF and SRV records are probably the ultimate >answer to this. Not sure what "this" is in this context. Although they may (or may not) help fight spam, SPF and SRV don't solve port 25 blocking by large ISPs, which is increasingly more common and will probably eventually be universal. >p.s. BTW, what email programs are defaulting to port 587 for outbound >mail? Balsa is one; I believe there are other minor ones. It's admittedly not anything like Outlook Express (yet). -- Robert L Mathews, Tiger Technologies http://www.tigertech.net/ "Ignorance more frequently begets confidence than does knowledge." -- Darwin
