Ok, I think some clarification is in order.
On 4/12/2005 7:02 AM, Larry Seltzer sent forth electrons to convey:
> <that random ports should be used, and that if 465/587 became common,
spammers would adapt to using them instead of 25.>
Larry, I think you're a bit confused (assuming my paraphrasing of your
statements is accurate). 465/587 are being suggested as alternatives
for 25 because the ONLY way to send spam (or legitimate email) using
SMTP is over port 25. Let me explain.
Briefly (and with some simplification), this is how systems send mail to
an Internet email address:
1) Look up the IP of the machine that receives mail for the domain.
2) Open up a TCP connection to that IP ON PORT 25.
3) Send the message.
The machines that receive Internet email for domains via SMTP from
systems with which there is no prior relationship do not receive that
mail on ports other than TCP port 25.
There's no way that's going to change in the foreseeable future (ie.
flying pigs, or 100% adoption of SPF WITH end-user roll-out, '-all'
records AND SRS are more likely).
Let's assume that there's massive adoption of mail submission via
465/587, and of port 25 blocking. It will still be the case that all
mail sent via 465/587 will then be sent via the 3-step process above,
via port 25. So the port 25 blocking will remain effective. It will
not be possible for spammer's zombies to send mail by following the
3-step process above. Why? The only machines they will be able to reach
via port 25 will be their/the zombie's ISP's mail servers. And if they
try to send spam via 465/587, they will be sending via machines that are
relays, as these will be the only machines listening on those ports.
These (closed) relays (which are not port 25-blocked) are managed by ISPs.
Make sense?
BTW, have you looked at CSV?
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg