Well, "SPF" and "smtp port blocking / use our MTA enforcement" exclude
each other - it's not SPF's fault that ISPs block that port (if that's
the matter at all in this case).
IF it is the case as mentioned:
1. The user can't use his mailserver of choice, and therefore relies on
the bluewin mailservice (which I belive works well... - but I guess
there are lot of reasons why you rather use the MTA responsible for your
domain).
2. The same thing can be arranged by either contribute the IP-Range to a
DUL RBL, or some nice naming scheme (like dynip.bluewin.ch and
fix.bluewin.ch) so an a remote ISP can black/greylist the Range by using
the RBL or name of the host connecting.
3. The blocking of the port does not prevent sender forgery, which is
the goal of SPF. It "just" ensures that the postmasters at bluewin have
precious logfiles to see what mailtraffic is happening - and _maybe_
they are doing some woodoo to prevent nasty things.
4. IF they really filter the traffic and eliminate all the
UCE/UBE/Virii then I would say they are doing something to same cpu
cicles on our mailservers...
5. The options are rather limited and I assume straight forward
- change the ISP (rather pragmatic)
- get the feature disabled
- use the submission thingy (I wonder when MUAs switch to using this
port out of the box)
There is still the possibility of some other feature like a Firewall
between that blocks ECN or ICMP - in case you are using postfix, just
"clone" smtpd service and let it run on port (your favorite alternate
smtp port) - if the customer can telnet to that port but not to your
smtp port the thing boils down to a smtp-filter.
On Mit, Dez 08, 2004 at 19:18:49 +0100, Roger Schmid wrote:
> that's why noone really using SPF.
> .. btw, not only bluewin is doing this, others will follow.. so be
> prepared.
There are some techniques out there that exclude each other, it would be
REALLY nice if the postmasters on this world would come to a common
mailpolicy - ah sorry, it's 3:54am - I'm dreaming with eyes open...
my 2c
Philipp
--
_;\_ Philipp Morger / PHM2-RIPE System & Network Administrator
/_. \ Dolphins Network Systems AG Phone +41-1-847'45'45
|/ -\ .) Email: <[EMAIL PROTECTED]>
-'^`- \; Don't send mail to: [EMAIL PROTECTED]
_______________________________________________
swinog mailing list
[EMAIL PROTECTED]
http://lists.init7.net/cgi-bin/mailman/listinfo/swinog
