[Mimedefang] Re: MIMEDefang Digest, Vol 20, Issue 43

[Ian Mitchell]

> Date: Wed, 25 May 2005 13:37:44 -0400
> From: "James Ebright" <jebright at esisnet.com>
> Subject: Re: [Mimedefang] FTC asks ISPs to crack down on zombie PCs
>
> Yes, but in that scenario the "client" is relaying ALL of the mail through
> the
> ISPs mail server and not doing any direct-to-mta deliveries, which is what
> I
> suggested he do in my first response. ;-)
>

I forward only blocked messages through the ISP's MTA, everything else is
direct-to-mta delivered. And often times encrypted to prevent the ISP's
bored level 1 techs from reading juicy love letters ;)

Yet another reason I run my own ;)

I don't have an issue with the way the server is ran. I'm just suggesting
that ISP's not be too quick to cut off port 25. Now, there's nothing
saying that it can be freely activated to people who show they know what
they're doing (as mentioned previously). But I for one wouldn't like to be
the level 1 tech who has to manage that ACL.

The trick is to develop a system that can automatically identify between
freindly SMTP traffic and bot generated SMTP traffic. There are tools out
there that don't require the blanket shutting down of ports at the
firewall.