spf-discuss
[Top] [All Lists]

RE: Re: "extreme SPF" scenario for ISPs

2004-02-03 15:26:40
[David Brodbeck]
Ironically, Comcast *already* blocks port 25, but only incoming.  They
don't want their customers running their own mail servers.

That is amazing.  Most of these hijacked boxes don't get their instructions
via port 25, so it has no effect on the current epidemic of compromised home
systems.  Blocking outgoing port 25 connections from their broadband dynamic
IP pool to anywhere but their smarthost, while still allowing outgoing port
587 SMTP-AUTH connections to the internet at large, would solve the problem
without causing any customer inconvenience.  If any customer truly needs to
run an outgoing mailer, they can simply require them to buy a static IP.

Do you know anyone at Comcast who would listen to reason on this?  Perhaps I
have some basic misunderstanding.  If so, could someone please explain why
it might be difficult to enforce a policy such as the one above compared to
their current one of inbound port 25 blocking only?

--
Seth Goodman

off-list replies to sethg [at] GoodmanAssociates [dot] com



-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.5.txt
Wiki: http://spfwiki.infinitepenguins.net/pmwiki.php/SenderPermittedFrom/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡