[AusNOG] SMTP Submission port 587 discussion / request

Noel Butler noel.butler at ausics.net
Thu Aug 19 16:15:59 EST 2010


On Thu, 2010-08-19 at 14:44 +1000, Stephen Gillies wrote:


> 
> Port 25 outgoing connections, block or not?
> ===========================================
> 
> It is common practice for Australian ISPs to block outgoing port 25


Negative, it is not common practice, the ones that do, are in the vast
minority.


> The methodology supporting the blocking of port 25 is to limit the
> ability for subscriber PCs infected with malware to send SPAM.
> 


Agreed.


> Upholding this view, the Internet Industry Association of Australia
> (iia.net.au) provides the following Best Practice statement:
> 
> "Where technically and commercially viable, operators of equipment (such
> as LNS or RAS hosts) which terminates user sessions with  dynamically
> allocated addresses MUST cause such sessions' outgoing  connections to
> be dropped where they are attempting to contact a remote host on TCP
> port 25."
> 


it's like BCP 38, but not many adhere to it either, BCP's are not
standards, so they shouldn't be emphasizing "MUST".

To enforce no 25 out, means having a clued helpdesk, and one that's
willing to spend time hand holding clueless users on setting it up, it's
just too much hassle for the big guys, and understandably so.



> 
> Internationally, the implementation of SMTP submission TCP port 587 is
> widespread, and many blacklist maintainers suggest ISPs use SMTP
> submission(1).
> 

Agreed.



> A request to all Australian ISPs
> ================================
> 
> I'd like to suggest the implementation of RFC2476 across all Australian
> broadband networks so as to provide end user subscribers the option of
> using SMTP submission via TCP port 587.
> 


What's with broadband networks? I believe it should be /every network/
regardless of size or nature of business (be it TPG, or some country
town local IT shop offering 6 dialup lines), many here recall 15 or so
years ago when most people only had a brand spankin new super duper
speedy fast 14k dialup modem, and the havoc that was able to be wreaked
with that.


> Google and Yahoo! have recognised this benefit, and provide
> authenticated outgoing submission on TCP port 587 as their standard
> email configurations(3).



yeah, and look at the crud they emit, that's almost justification not to
use it :)


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20100819/88f9ab42/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: stock_smiley-1.png
Type: image/png
Size: 873 bytes
Desc: not available
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20100819/88f9ab42/attachment.png>


More information about the AusNOG mailing list