SRV records (was Re: [Mimedefang] OT: www. and "lazy users")
Jeff Rife
mimedefang at nabs.net
Tue May 16 14:51:05 EDT 2006
On 16 May 2006 at 14:29, David F. Skoll wrote:
> > Such a mechanism now exists (SRV records)
> > but no browsers use them.
>
> Sigh... I wish SRV records were more widely used. It would elminate
> pesky ISPs from blocking your SMTP server, for example (unless they block
> *all* inbound TCP connections.) It would make so many things so much easier
> if you could run them on non-standard ports.
But, would this be good or bad in the context of this list (i.e., mail
filtering)?
With a zombied PC able to use SRV records to determine that domain.tld
has their incoming mail server listening on port 2525, e-mail spam and
virii will flow even more freely than they do now. Currently, an ISP
can block outgoing connects to port 25, and as long as they have a
system where a responsible person can get the block lifted, then it's a
*very* good thing.
Even though I'm not much of an organization (just a small home
network), I block outgoing on port 25 at my firewall, except from my
mail server. This way, if something gets through the anti-virus, it
won't hurt the rest of the world.
--
Jeff Rife | "Ho! Ha, ha! Guard! Turn! Parry!
| Dodge! Spin! Ha! Thrust!"
|
| -- Daffy Duck, "Robin Hood Daffy"
More information about the MIMEDefang
mailing list