ietf-mxcomp
[Top] [All Lists]

RE: [DEPLOY] General Issue w/ISPs blocking Port 25

2004-09-06 20:09:12

-----Original Message-----
From: owner-ietf-mxcomp(_at_)mail(_dot_)imc(_dot_)org
[mailto:owner-ietf-mxcomp(_at_)mail(_dot_)imc(_dot_)org]On Behalf Of Matthias 
Leisi
Sent: Monday, September 06, 2004 3:30 PM
To: IETF MARID WG
Subject: [DEPLOY] General Issue w/ISPs blocking Port 25

Since a few days, I check for SPF records at the MTA, and I noticed one
particular issue. I'm not sure whether the drafts (-submit) are the
right place to mention this issue, or whether some BCP would be
appropriate.

I've encountered a number of ISPs where users are unable to do outbound
connections with dst port 25, but are limited to the ISPs Smarthost.
Although I haven't seen it yet, but I suspect that Port 587 as per RFC
2476 (Message Submission) may be blocked as well if it's use is adopted
more widely.

Obviously, that is pretty efficient to stop certain categories of junk
(-sources), and is generally not an issue, if the Smarthost allows
arbitrary 821/822 From's.

However, with strict SPF (or SenderId) checking, this /does/ become an
issue, since a domain owner will most likely not add some random
Smarthost to the list of designated mailers.

-submitter mentions the use of SUBMIT briefly, but maybe the
implications of the (how common?) blocking of dst port 25 should be
mentioned.

Is use of SUBMITTER were clarified as I suggested here:

http://www.imc.org/ietf-mxcomp/mail-archive/msg04034.html

Then transparent redirection would no longer be an issue, because the PRA
should be in the domain of the smarthost.  If the smarthost uses a SUBMITTER
from it's domain and an appropriate RFC 2822 header so it validates, the
domain owner you mention doesn't have to worry about this.

Scott Kitterman


<Prev in Thread] Current Thread [Next in Thread>