http://www.completewhois.com
Hey, I'm a big fan. Good site.
1. Some locations (specially airport wireless, etc) actually do full
port filtering in way that only well known ports are open.
I guess this only works if 587 becomes "well-known" in this sense, but that
doesn't seem unreasonable. Blocking it by default is probably a mistake.
2. A non-standard port that is 100% open just like regular SMTP is bound
to soon be known and start to be abused.
That would be true if everyone used the same one, but if small numbers of
people are involved you just pick a number out of a hat that doesn't
conflict with an existing one. I suppose a really sophisticated worm could
sniff all traffic looking for where the mail is going, but we're nowhere
near there yet. If there are more than a few people involved then a real
authentication facility is probably advisable anyway.
Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blog.ziffdavis.com/seltzer
larryseltzer(_at_)ziffdavis(_dot_)com
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg