Marc Perkel wrote:
> Jari Fredriksson wrote:
>> [EMAIL PROTECTED] wrote:
>>> If port 25 were blocked from consumers and they were forced to talk to
>>> servers on port 587, even without authentication, then a server could
>>> distinguish consumers from other servers. I think this kind of
>>> configuration could be used to help isolate virus infected computers
>>> from spamming and spreading.
>>
>> What would prevent virus infected computers from using the port 587 if
>> that would be the common usage?
>
> What would prevent it is that if you use separate servers or separate IP
> addresses for email that you are receiving from other servers than the
> ones that you use for outgoing customers then port 587 would be closed.
> 587 would only be open for customers (usually authenticated) on machine
> sending, not receiving email. Port 25 would become a server to server
> port and 587 would be a user to server port. Users would have port 25
> blocked so they can't talk to the server to server traffic.

So, what about your customers who are out roaming, using random
hot-spots at cafes, with their laptops, who want to send an outgoing
email using the same client that they use when their laptop is at home?

Why can't they connect to the same mail server, using the same port they
always do, using SMTP-AUTH to prove who they are, and thus send their
outbound email? If you make them change ports just because they're
roaming, then you're making their mail server configurations needlessly
complicated.

Yet, because they're on an IP you don't own (and that they don't own,
depending on how you register your "customer IPs"), you can't easily
detect whether or not they're your customer until they do the SMTP-AUTH.

So blocking 587 to IPs that aren't known to you will keep your
customers from having roaming laptops, smart cell phones, etc. And
blocking port 25 to IPs that are known to you won't keep your customers
from trying port 25 (if they happen to be out roaming).

Roaming users are a reality that every non-trivial mail service needs to
support.
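
The split discussed in this thread, port 25 for server-to-server traffic and port 587 reachable from any address but gated on SMTP-AUTH, sketched as an added example that is not part of the original messages. Postfix is an assumption (the thread names no MTA); the fragment belongs in master.cf, needs Postfix 2.10 or later for smtpd_relay_restrictions, and assumes SASL and TLS are already set up in main.cf.

```conf
# master.cf fragment (Postfix assumed for illustration; not from the thread)

# Port 25: server-to-server. AUTH is not offered and nothing is relayed;
# only mail for domains this host is responsible for is accepted.
smtp       inet  n  -  n  -  -  smtpd
  -o smtpd_sasl_auth_enable=no
  -o smtpd_relay_restrictions=reject_unauth_destination

# Port 587: user-to-server. Open to any source IP, so a roaming client
# keeps the same host and port it uses at home. The sender is identified
# by SMTP-AUTH over mandatory TLS, not by the address it connects from.
submission inet  n  -  n  -  -  smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
```

With this layout an unauthenticated client on 587 is rejected whatever its source IP, and each accepted submission is logged under postfix/submission with the account name that authenticated.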