Re: Final Words on "Educating RDNS violators" - Debunking the Myth's [?? Probable Spam]

From: Hexis (
Date: 09/11/04

  • Next message: Liran Cohen: "Re: Security (maybe basic) question"
    Date: Fri, 10 Sep 2004 18:00:52 -0500

    On Fri, 03 Sep 2004 18:26:31 -0400, Derek Schaible
    <> wrote:
    > On Fri, 2004-09-03 at 15:36, LordInfidel wrote:
    > >Think about this though, if you are able to relay mail thru your ISP's
    > >SMTP server, which most ISPs allow you to do, then why run your own
    > >outbound SMTP server, that does not make sense
    > It makes a lot of sense. Doing so allows you to provide SMTP AUTH for
    > road warriors, gives you local control over spam/av filtering, many
    > reasons depending on your imagination.

    False. There is no reason that you can not maintain an AUTH SMTP
    server which also relays via the ISP's mail server.

    > AOL is a different animal. Typically, I don't believe they provide any
    > SMTP servers for customers. You are supposed to use their sorry email
    > client. In fact, many of my users who use AOL at home suddenly lost the
    > ability to even connect to our SMTP servers through port 25. AOL started
    > blocking outbound traffic to port 25 for all but their SMTP servers. I
    > had to run qmail on an upper port and reconfigure their mail clients for
    > them to continue using our servers.

    AOL is a very different animal. Other ISPs should take notice. They
    have done a lot to combat spam and other SMTP abuse on the net.

    They have embraced the concept of a submission port. Something other
    than port 25 for clients to talk to servers on (587 to be exact).
    It's a good idea. Differentiate server to server traffic from client
    to server traffic. In addition, AOL has not allowed direct port 25
    outbound for some time. They have forced proxied it through a set of
    mail relays. Those relays are pretty safe to block in most cases.
    Realistically how many cable/dsl/dialup (consumer/dynamic/whatever)
    connected hosts should be talking to the world on port 25?

    > Many other ISP's are following suit. Why? in an effort to prevent their
    > customers from sending spam. They stop you from reaching outside SMTP
    > servers through normal means, forcing the average joe to relay through
    > their network. This breaks even your own SMTP server. You must relay in
    > these instances. Since AOL did this, I've found 4 other ISP's that
    > followed suit just among the user-base of road warriors where I work.

    Many ISPs are following suit because the 800lb gorilla (AOL) is
    leading the way, and it's a lot easier to block 25 than it is to get a
    massive base of cable/dsl/dialup/whatever users to clean up infected
    PCs and not get infected again. If only Comcast would do the same

    Computer Forensics Training at the InfoSec Institute. All of our class sizes
    are guaranteed to be 12 students or less to facilitate one-on-one
    interaction with one of our expert instructors. Gain the in-demand skills of
    a certified computer examiner, learn to recover trace data left behind by
    fraud, theft, and cybercrime perpetrators. Discover the source of computer
    crime and abuse so that it never happens again.

  • Next message: Liran Cohen: "Re: Security (maybe basic) question"