ISP filtering port 25
Ben Walton
bdwalton-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Mon Mar 17 16:48:03 UTC 2014
On Mon, Mar 17, 2014 at 4:32 PM, Lennart Sorensen
<lsorense-1wCw9BSqJbv44Nm34jS7GywD8/FfD2ys at public.gmane.org> wrote:
> On Mon, Mar 17, 2014 at 04:26:26PM +0000, Ben Walton wrote:
>> No, that's not what I'm saying. Change "not allowed to" to shouldn't.
>> Anyone capable of running a mail server properly doesn't need port 25
>> egress and those that aren't capable shouldn't. I'd argue that lists
>> like http://www.dnsbl.info/dnsbl-details.php?dnsbl=dul.dnsbl.sorbs.net
>> are very useful. Again, if you're clued in, you're perfectly able to
>> relay mail out using TLS and authentication. If not...well, you
>> probably shouldn't be sending the mail out.
>
> You would have to find someone (maybe your ISP) willing to do relaying
> for your domain (I suppose if you are authenticating as a valid user of
> the ISP, they should, given the mail can at least trace who is responsible
> for the email).
Yes, that's true, but it's a low barrier to entry for someone capable
of running a mail server that isn't a spam relay. :)
>
>> ISP's are doing the internet in general a favour by blocking this
>> port. It provides such an incredibly low signal to noise ratio that
>> blocking it to prevent spambots is the right choice. (ISP's blocking
>> _inbound_ tcp/25 is a different matter.)
>>
>> That's not to say it's without cost...it is unfortunate and I'd prefer
>> a network where this isn't required. That said, I'm a realist and the
>> genie is out of the bottle.
>
> Well at least teksavvy as far as I know will let you run with port
> 25 unblocked if you have a static IP although you may have to ask to
> be unblocked.
I'd be interested to know when RBL's have TekSavvy's static ranges included.
>
> I don't run a mail server myself. Sometimes I think I should, but it
> seems like work. :)
I used to do this, but stopped. I now configure enough of a local mail
system that cron mail, etc, gets relayed to someplace that I'll see it
but stop there. If you're running mail for a domain, either a paid for
VM running your stack of choice or a virtual mail hosting service is
the way to go anyway. The time and effort required to run anything
approaching decent is far to much for a hobby domain on your home
network.
Thanks
-Ben
--
---------------------------------------------------------------------------------------------------------------------------
Take the risk of thinking for yourself. Much more happiness,
truth, beauty and wisdom will come to you that way.
-Christopher Hitchens
---------------------------------------------------------------------------------------------------------------------------
--
The Toronto Linux Users Group. Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
More information about the Legacy
mailing list