Re: Finding a replacement for my ISP's smtp server

To: debian-user@lists.debian.org
Subject: Re: Finding a replacement for my ISP's smtp server
From: Jerry Stuckle <jstuckle@attglobal.net>
Date: Thu, 31 Jul 2014 15:34:46 -0400
Message-id: <[🔎] 53DA9A56.8080108@attglobal.net>
In-reply-to: <[🔎] 20140731190943.GL19277@copernicus.demon.co.uk>
References: <[🔎] 27072014130049.5cf50ed3a4a9@desktop.copernicus.demon.co.uk> <[🔎] 20140728140229.32ad99ba@bonifac.skk> <[🔎] 28072014145359.36b1c2183ed1@desktop.copernicus.demon.co.uk> <[🔎] 53D65F5B.1070305@attglobal.net> <[🔎] 28072014174804.fdd19e1d8245@desktop.copernicus.demon.co.uk> <[🔎] 20140728221209.7ddeca72@jretrading.com> <[🔎] 20140731143730.GJ19277@copernicus.demon.co.uk> <[🔎] 53DA5837.7050002@attglobal.net> <[🔎] 31072014173505.d888f60ee4b8@desktop.copernicus.demon.co.uk> <[🔎] 53DA8E3F.1030705@attglobal.net> <[🔎] 20140731190943.GL19277@copernicus.demon.co.uk>

On 7/31/2014 3:09 PM, Brian wrote:
> On Thu 31 Jul 2014 at 14:43:11 -0400, Jerry Stuckle wrote:
> 
>> On 7/31/2014 12:47 PM, Brian wrote:
>>>
>>> One would expect the ISP's strategy to factor in the sophistication of
>>> malware. which is presumably sophisticated enough to be able to use port
>>> 25.
>>
>> Which is why many ISPs now block Port 25 from residential users.
> 
> The point of my remark was that malware can operate on port 25 so there
> is nothing to prevent it operating on port 587. I was actually agreeing
> with you when you said "Nothing". 
>

Yes, but Port 587 requires (or at least should require) a login; Port 25
never does for email destined for the domains being served by that MTA.

>>>> Not impossible, by any means.  But much harder than just sending over
>>>> port 25, which requires none of the above.
>>>
>>> The ISP's concern is (or should be) the customers who allow sending of
>>> spam "without the knowledge of the users of those computers". These
>>> same incompetent customers are now all going to start encrypting the
>>> usernames and passwords used for sending email?
>>
>> Most MUAs can already encrypt the password (and sometimes the userid) if
>> it is saved on the disk.  Thunderbird does this, for instance.  I assume
>> Outlook does also, although I haven't checked it.
>>
>> I should add the malware would also have to know the MTA the
>> userid/password are for.  Again, not impossible by any means - but just
>> one more thing the malware has to discover.
> 
> I think that once you get to discussing the capabilities of the malware
> it acknowledges that port 587 presents no more problems to the malware
> than port 25; it simply depends on how good the malware is.  Which, as I
> originally queried, brings into question the efficacy of ISPs mandating
> its use.
> 
> I'll not ask for ISP facts and figures to show how good port 587 is for
> them.
> 
> 

Yes, it does - again, Port 587 requires a login - which adds a huge
layer of complexity to the malware.

Jerry

Reply to:

Follow-Ups:
- Re: Finding a replacement for my ISP's smtp server
  - From: Brian <ad44@cityscape.co.uk>

References:
- Re: Finding a replacement for my ISP's smtp server
  - From: Brian <ad44@cityscape.co.uk>
- Re: Finding a replacement for my ISP's smtp server
  - From: Slavko <linux@slavino.sk>
- Re: Finding a replacement for my ISP's smtp server
  - From: Brian <ad44@cityscape.co.uk>
- Re: Finding a replacement for my ISP's smtp server
  - From: Jerry Stuckle <jstuckle@attglobal.net>
- Re: Finding a replacement for my ISP's smtp server
  - From: Brian <ad44@cityscape.co.uk>
- Re: Finding a replacement for my ISP's smtp server
  - From: Joe <joe@jretrading.com>
- Re: Finding a replacement for my ISP's smtp server
  - From: Brian <ad44@cityscape.co.uk>
- Re: Finding a replacement for my ISP's smtp server
  - From: Jerry Stuckle <jstuckle@attglobal.net>
- Re: Finding a replacement for my ISP's smtp server
  - From: Brian <ad44@cityscape.co.uk>
- Re: Finding a replacement for my ISP's smtp server
  - From: Jerry Stuckle <jstuckle@attglobal.net>
- Re: Finding a replacement for my ISP's smtp server
  - From: Brian <ad44@cityscape.co.uk>

Prev by Date: Re: dev/log in jail
Next by Date: Re: systemd requires kernel to have CONFIG_CGROUPS enabled -> installer check!
Previous by thread: Re: Finding a replacement for my ISP's smtp server
Next by thread: Re: Finding a replacement for my ISP's smtp server
Index(es):
- Date
- Thread