[unisog] Port 25 blocking - on the

Russell Fulton r.fulton at auckland.ac.nz
Sat Apr 30 15:54:56 GMT 2005


On Fri, 2005-04-29 at 14:18 -0400, Wyman Miles wrote:
> I went through this as mail admin at Rice.  The eventual plan, launched 
> over my objections, was to run another SMTP instance on port 2525.  We 
> required TLS and AUTH.
> 
> In my mind, providing a non-standard mail port is to knowingly circumvent 
> the security policies of someone else's network.
> 

I don't see this as an issue.  The reason ISPs block port 25 is to
prevent spammers using 'bots on the ISP's network to send spam (or
perhaps more cynically to stop their address blocks getting into RBLs).
How does your offering SMTP (suitably secured) on a different port
subvert this measure?  And even if it did, one could argue (I'm sure
Randy would and I'd agree ;) that they are wrong to do this since they
are simply attacking a symptom instead of dealing with the real problem,
which is that their customers have compromised machines on their
network.

One thing to remember about port numbers is that they are just
convenient conventions; there is nothing magical about 25 :)  and such
a measure would not work at all if MX records included port numbers as
well as IP addresses.

-- 
Russell Fulton, Information Security Officer, The University of Auckland
New Zealand