On Wednesday 02 August 2006 14:37, Marc Perkel took the opportunity to say: > Why not just eliminate the SMTP protocol for end users and keep SMTP as > a server to server protocol and have users send theit email to the > server by extending POP/IMAP to send email. It created an authenticated > connection back to the server where the POP/IMAP server hands it off to > the SMTP server. That way email clients aren't using the same protocol > as email servers.
Why? It's not, like, that MUAs try to deliver directly to the recipient MX. If
all ISPs block port 25 outbound, it doesn't matter what protocol end users
use to submit their mail to their local MTA. Otherwise, zombies can still try
to connect directly, and you'll have to rely on DUL and other blacklists to
figure out which IP addresses belong to end users.
> I think part of the problem is that the receiving SMTP server can't tell
> if email is coming from another SMTP server or a virus infected spam
> zombie.
Yes, but that problem isn't solved by using a different protocol to submit
mail. How are you going to enforce it, without also blocking port 25
outbound? That, or a global whitelist, is the necessary and sufficient
condition for stopping direct zombie connections.
--
Magnus Holmgren [EMAIL PROTECTED]
(No Cc of list mail needed, thanks)
pgpPDmRa1exve.pgp
Description: PGP signature
