
Re: Finding a replacement for my ISP's smtp server



On 7/31/2014 12:47 PM, Brian wrote:
> On Thu 31 Jul 2014 at 10:52:39 -0400, Jerry Stuckle wrote:
> 
>> On 7/31/2014 10:37 AM, Brian wrote:
>>>
>>> The reason for doing it given is generally along the lines of:
>>>
>>>    Much of the current use of port 25 is by computers that have been
>>>    infected by malware and are sending spam without the knowledge of
>>>    the users of those computers. Port 587 improves security through
>>>    the use of required authentication and recommended TLS/SSL
>>>    encryption. 
>>>
>>> What I do not understand is what prevents the malware (assuming it can
>>> significantly control the machine) from using the same authentication to
>>> send spam as before. Isn't this back to square 1?
>>
>> Nothing, if the malware can get the userid and password.  However, to do
>> so you have to store the information on your machine.  Additionally, the
>> malware has to know which MUA you're using (to figure out where the
>> userid and password are stored), and if your MUA has encrypted the
>> information, how to decrypt it.
> 
> One would expect the ISP's strategy to factor in the sophistication of
> malware, which is presumably sophisticated enough to be able to use port
> 25.
>

Which is why many ISPs now block Port 25 from residential users.

>> Not impossible, by any means.  But much harder than just sending over
>> port 25, which requires none of the above.
> 
> The ISP's concern is (or should be) the customers who allow sending of
> spam "without the knowledge of the users of those computers". These
> same incompetent customers are now all going to start encrypting the
> usernames and passwords used for sending email?
> 
> 

Most MUAs can already encrypt the password (and sometimes the userid) if
it is saved on the disk.  Thunderbird does this, for instance.  I assume
Outlook does also, although I haven't checked it.

I should add the malware would also have to know the MTA the
userid/password are for.  Again, not impossible by any means - but just
one more thing the malware has to discover.

For instance, I use my own mail server for most of my email; this
account is used for non-business related stuff.

Jerry
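
The difference the thread turns on (port 25 accepting mail with no credentials, port 587 requiring authentication, ideally over TLS) can be checked from a captured SMTP dialogue. The following is an added example, not part of the original message; the transcripts, host names and finding labels are constructed for illustration, and the audit assumes single-step AUTH.

```python
import re

# Constructed dialogues (C: client, S: server); hosts and addresses are placeholders.
PORT25_UNAUTHENTICATED = """\
S: 220 mx.example.net ESMTP
C: EHLO host.example.org
S: 250 mx.example.net
C: MAIL FROM:<a@example.org>
S: 250 2.1.0 Ok
"""

PORT587_ENFORCED = """\
S: 220 mail.example.net ESMTP
C: EHLO host.example.org
S: 250-mail.example.net
S: 250 STARTTLS
C: MAIL FROM:<a@example.org>
S: 530 5.7.0 Authentication required
C: STARTTLS
S: 220 2.0.0 Ready to start TLS
C: EHLO host.example.org
S: 250 AUTH PLAIN
C: AUTH PLAIN <credentials elided>
S: 235 2.7.0 Authentication successful
C: MAIL FROM:<a@example.org>
S: 250 2.1.0 Ok
"""

def audit(transcript):
    """Return policy findings for one dialogue (assumes single-step AUTH)."""
    tls, authed, pending, findings = False, False, None, []
    for line in transcript.splitlines():
        side, _, text = line.partition(": ")
        if side == "C":
            pending = text.split()[0].upper() if text.strip() else None
            continue
        m = re.match(r"(\d{3})([ -]|$)", text)
        if side != "S" or not m or m.group(2) == "-":
            continue  # ignore malformed lines and multi-line continuations
        code = m.group(1)
        if pending == "STARTTLS" and code == "220":
            tls, authed = True, False  # TLS start resets the session state
        elif pending == "AUTH" and code == "235":
            authed = True
            if not tls:
                findings.append("auth-without-tls")  # credentials sent in clear
        elif pending == "MAIL" and code.startswith("2") and not authed:
            findings.append("mail-accepted-without-auth")
        pending = None
    return findings
```
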

