[Elecraft] Earthlink ISP problems
Denis Dimick
[email protected]
Sat Apr 19 23:24:00 2003
On Sat, 19 Apr 2003 [email protected] wrote:
>
>
> On Sat, 19 Apr 2003, Denis Dimick wrote:
>
> > I disagree,
> >
> > Port 25 is used for INCOMING smtp (mail) traffic. Not out-going.
> >
> > Out-going traffic uses any port to connect to the remote servers port 25.
> > Earthstink was not blocking this traffic, they only blocked incoming
> > requests to your port 25. This does next to nothing to stop SPAM.
> >
>
> Incoming vs outgoing depends on your point of view. As an NSP our,
> "customers" RETRIEVE their email using either POP2/POP3 on port 110 or
> IMAP on port 143. When they SEND email, they inject it to their SMTP
> server on port 25.
Dont know what an "NSP" is, so I'm going to assume it's some type of
ISP/Sudo ISP. No disrespect intended.. What you have decribed is the
standard mail setup. However Windows systems should never be runiing a
port 25 service. Most endusers send there mail out via port 25, 110 or
even 143 on their mail server, which in this case sounds like your
server(s).
>
> Beyond that fact, Earthlink does indeed take steps to block outbound (as
> in the customer attempting to connect to remote SMTP server) port 25
> requests to SMTP servers except theirs. And it does indeed to MUCH to
> thwart SPAM. You see, if the only SMTP servers that you can use are those
> of your ISP and those servers won't relay email for domains other than
> [INSERT.ISP.DOMAIN], the action causes a much more accurate SMTP header to
> be generated showing [ISP's Mailserver] as the injection point for the
> SPAM.
This is incorrect.. At least it has been for me.. I could connect to any
servers port 25. Only incoming requests to port 25 where blocked. You can
send mail, just not recieve it to your LOCAL server.
As for blocking users/domiains that fail a reverse-lookup, Earthstink
doesn't bother. Very few ISP's and even fewer mail servers do this. One on
the main reasons spam still happens.
>
> > I would bet that it had more to Earthstink re-writing the mail headers
> > then stopping SPAM..
> >
> > If you really want to stop spam, go look at a product called TMDA, google
> > will find the site. Have only gotton once e-mail spam in over a year of
> > using it..
>
> SPAM will only be stopped by modifying the bahavior of the
> Spammers. Short of that, taking away vectors of "anonymous" insertion is,
> from the NSP point of view, the most responsible approach. Filtering the
> mail at the delivery point does nothing to address the fact that the
> spammers are stealing transport service and causing undue server load.
I agree with you there, SPAM will only be stoped when the spamers are no
longer able to spam. But by not filtering on the local side, your doing
the same thing as accepting spam. If you/your users never see the spam,
then the spamers will stop sending it. I also use RTB's and block most of
Asia.
>
> Dennis, I do this for a living and have for the past decade. I am a
> member of the NSP Security community. I interact with the security
> personell at [insert ANY large network you want] on a nearly daily basis
> as part of my duties. I didn't pull this information out of thin air. It
> is valid and accurate.
Was not saying you pulled this out of the air, just that I think your
getting port 25 wrong. If your users are injecting e-mail into their local
servers, as in not your mail server and your not doing a reverse lookup to
ensure that their really who they claim to be, then your probally passing
spam along.
I also do this for a living, and have for some
time. I also work for a large gov. site. And deal with people everyday
with all sorts of idea's on how thing work, most of them wrong. Just
because someone has done something for a long time doesn't mean they know
what there doing.
>
> Please try to understand the protocols and security countermeasures prior
> to further spreading disinformation. For whatever reason, people tend to
> believe what they read and it is important that that information be
> accurate.
>
John, I still say you dont understand how smtp works.
> 73 de John - K4WTF
> President
> EnterZone, Inc
>
>