der Mouse wrote:
Now what happens to all the small businesses that use MS-Exchange
to send email?
[T]hey get a sharp lesson in [...] how a non-spammer looking enough
like a spammer will get treated like a spammer.
I see no more need to support direct-to-MX-from-Exchange [...]
Direct-to-MX-from-Exchange? That's what it's _supposed_ to do. It's
the MTA.
Right. But it's an unusually badly behaved one. Exchange is good
groupware with a bad MTA duct-taped onto the side.
That was true of archaic Exchange implementations. Eg: the infamous
"Exchange 5" (aka IIS 5). As was Sun Sendmail SMI 4.1.
But, reasonably recent Exchange is just fine in SMTP.
A consumer level site may see a different mix of MTAs than we do, but
it's been our experience that Exchange as an outbound is generally not a
problem, and we see lots of perfectly legit email from Exchange servers.
Many small-to-medium businesses lack the expertise to run something else.
I wouldn't dream of blocking an email based on a p0f signature of
"Windows" (tho, maybe Win95, 98 ;-) I'd score it.
And if there were some way to identify Exchange, all its getting a free
pass would mean would be that bitnet herders would mass-install
Exchange on their zombies and send through it - or, perhaps even more
likely, just forge whatever Exchange indicator(s) get(s) widely used.
If there was some way to identify windows via passive O/S
fingerprinting, all that giving anything else a free[r] pass would mean
that the botnet herders would get something to fake that something else.
Hint: it's already in BOTs. And that's _all_ I'm going to say about that.
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg