[Top] [All Lists]

Re: [ietf-smtp] test for port 25 of sending MTA - for spam detection

2013-08-23 12:18:46
On Fri, Aug 23, 2013 at 09:23:31AM -0700, Ned Freed wrote:
On Fri, 23 Aug 2013, keld wrote:
Thi idea was to use it as a check in addition to DNSBL etc.

The advantage over DNSBL is that for DNSBL you first need to register
the offending site with DNSBL.

Not necessarily. See for instance

FWIW, I just checked the sending IP addresses a bunch of spam emails that
weren't listed at Spamhaus ZEN at time of delivery. A significant minority
of them (~ 40%) was listening on port 25.

At the same time, several IP addresses that were sending legitimate email

This is actually very common, and the larger the provider the more likely 
going to be. Large providers use different systems for inbound versus 
versus submission versus AS/AV. Separation of function makes all sorts of 
when you're talking about deployments with hundreds or even thousands of
individual systems.

Yes I understand that large organisations have separate receiving and sending 
As they are large, they can probably be identified in some way.
Maybe by the block owner of the IP address. Or some reverse lookup.
 I do recoqnise that this is probably the hard part.
A DNSWL  (DNS White List ala DNSBL) would probably be a part of the system.

I am not talking about sender address verification, but rather
something like sender MTA verification.
And I did not want to see if the MTA is SMTP compliant, I just want to
see if port 25 is open, a ping would do.

Oh, I see there is So simple solution: Ping sender IP, if Open then 
if not then ask Would that do it? Has it been done?

Best regards
ietf-smtp mailing list