[Mimedefang] FTC asks ISPs to crack down on zombie PCs
WBrown at e1b.org
WBrown at e1b.org
Thu May 26 14:15:00 EDT 2005
mimedefang-bounces at lists.roaringpenguin.com wrote on 05/26/2005 01:23:56
PM:
> On Wed, 25 May 2005 14:41:52 -0500 (CDT), Ian Mitchell wrote
>
> > Privacy. TLS encryption from MTA to MTA through the ISP is a good
example.
>
> You can still run your own MTA, just it should forward all outbound mail
to
> the ISP MTA and not attempt any direct to MTA deliveries. If you have
TLS
> setup and your ISP has TLS capabilities it will remained encryted the
entire
> way, it will even remain encrypted if the recieving end has TLS too, if
the
> recieving end doesnt then you dont loose anything cause your own MTA
woudl
> have dropped it as well (the encryption that is).
If you TLS to the ISP's mail server, the ISP can still snoop the contents
(or let Big Brother have a copy if they supeona it.)
> > So there's not much hiding involved.
>
> You cannot hide from your ISP, they know who you are.... ;-)
Which is why the trick is to encrypt the traffic until it gets past the
ISP's reach. Look up "onion routing."
> Why would an ISP shutdown port 25 inbound? I see no logical reason to do
so,
> spam does not get delivered directly to a users desktop (at this time at
> least). The zombies are not controlled via port 25 inbound (at least any
I
> have seen). In other words, I know of no good reason to shutdown port 25
> inbound... now port 25 outbound, yes, definately for dynamic IP space.
To kill mail servers sitting inside their network (in violation of the
TOS). Adelphia did this to me. I didn't mind so much blocking inbound
port 80, but 25 rally honked me off!
More information about the MIMEDefang
mailing list