Re: Jetico firewall

From: Jeffrey Goldberg <nobody@xxxxxxxxxxxx>
Date: Mon, 07 Aug 2006 15:52:08 -0500

Sebastian Gottschalk wrote:

Taylor, Grant wrote:

Ah. I see the mis-communications. I was referring to servers that send
a status code AFTER the completion of the DATA command. I.e. return a
4xy or 5xy status code to the DATA command's data.

Still undesirable. :-)

Why? It would be nice to reject earlier. But if you are going to make
decisions based on what is in DATA it is far better to do that during
the SMTP session than to accept and then generate your own DSN.

I've seen some ISPs that also filter 587 in addition to 25. Their ToS
specifically state that you are to send email, what ever method, out
through their servers. However they also have other higher packages
that do not do this filtering.

At one point I had an ISP with a simple, but sensible policy. All you
had to do was request for outbound 25 to be opened for you and they
would honour the request. The idea was that if you knew enough to ask,
you were OK and could take responsibility for spam from your machines.
Everyone else was presumed incapable of taking that responsibility.

Hopefully this is documented in their terms of services, [...]

I can't remember the details of the ISP described above. It was buried
deep in the ToS. You would only find it if you were looking for
information about outbound stuff being blocked.

I think I get your point of "notifying someone is often pointless". Am
I any where close?

Yes. Just add China, certain Eastern Europe countries and Russia, and
then you get a clue of the full impact.

The US remains the biggest source of spam.

-j

--
Jeffrey Goldberg http://www.goldmark.org/jeff/
I rarely read top-posted, over-quoted or HTML posts
My Reply-To address is valid.
.

Follow-Ups:
- Re: Jetico firewall
  - From: Sebastian Gottschalk

Prev by Date: Firewall settings to allow HTTPS connection to perl script?
Next by Date: Re: Jetico firewall
Previous by thread: Re: Jetico firewall
Next by thread: Re: Jetico firewall
Index(es):
- Date
- Thread

Relevant Pages

Re: Jetico firewall
... would honour the request. ... Everyone else was presumed incapable of taking that responsibility. ... "You cannot send mail with your mail program? ... information about outbound stuff being blocked. ...
(comp.security.firewalls)
Re: Nat - Read this one instead
... complied with your request to be call by your Nym. ... and he finds that quote and uses it to justify his ... if Jite never made another post here ... >he doesn't want to take any responsibility for that and you are only too ...
(alt.support.chronic-pain)
how to turn firewall down
... Enable 3 Allow outbound destination unreachable ... Enable 9 Allow inbound router request ... 23 TCP Enable Telnet Server ...
(comp.os.linux.networking)
Re: Nat - Read this one instead
... >>> immediately after the request. ... and he finds that quote and uses it to justify his ... he doesn't want to take any responsibility for that and you are only too ... victimized by criminals, you simply dismissed it as a lie. ...
(alt.support.chronic-pain)
Re: OT: WatchGuard questions
... that for the past 6 months, over 40,000 spam messages have been blocked. ... Manager 1 PC, 192.168.8.199 ... unblocked HTTP rule for servers so that they can get ... My Base rule set, outbound, has the following: ...
(microsoft.public.windows.server.sbs)