[clug-talk] Did shaw shut down external ports?
gustin at echostar.ca
Tue Jun 19 15:05:02 PDT 2007
-----BEGIN PGP SIGNED MESSAGE-----
William Astle wrote:
> Gustin Johnson wrote:
>> Even though I have provided a work around (the ports 587 and 465) for my
>> clients, how long until the spammers begin to use these ports as well?
>> At best this policy of Shaw's provides short term respite while doing
>> nothing to combat the actual problem. I would rather they spend our
>> money more effectively.
> 587 is not supposed to accept anything at all unless it is
> authenticated. If you've simply deployed it as a clone of port 25, you
> should probably consider changing it to require authentication and not
> accept local mail delivery (unless it's authenticated of course).
I have seen a few cases already where 587 was simply a clone of 25. I
assume nothing here :)
> Assuming the majority of people deploy 587 correctly (authenticated
> submissions only), there's no percentage for the spammers to switch to
> using it. And yes, I am practicing what I preach here; my servers do
> require authentication on port 587. It was a trivial configuration
As always, RTFM is almost never a bad thing, unless the funny manual is
> All that said, as has been pointed out recently, there is really no gain
> to arguing about the merits of Shaw's policy. Even NANOG differs
> on whether that's a good idea.
> I now return you to your regularly scheduled list traffic.
>  Yes, we all know what happens when you assume
>  It required reading documentation on sendmail and adding a single
> flag to the port options for 587. If you're using something else, it
> should be the same process. Read the documentation and then implement it.
>  North American Network Operators Group (www.nanog.org)
>  has flame wars about
At least our discussion is still civil :)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the clug-talk