Re: Finding a replacement for my ISP's smtp server
On 7/31/2014 5:51 PM, Brian wrote:
> On Thu 31 Jul 2014 at 15:34:46 -0400, Jerry Stuckle wrote:
>
>> On 7/31/2014 3:09 PM, Brian wrote:
>>>
>>> The point of my remark was that malware can operate on port 25 so there
>>> is nothing to prevent it operating on port 587. I was actually agreeing
>>> with you when you said "Nothing".
>>
>> Yes, but Port 587 requires (or at least should require) a login; Port 25
>> never does for email destined for the domains being served by that MTA.
>
> I feel this is a repetition of a technical point we both agree on.
>
But the difference in requiring a login on Port 587 is a very important
difference. One you seem to be ignoring.
>>> I think that once you get to discussing the capabilities of the malware
>>> it acknowledges that port 587 presents no more problems to the malware
>>> than port 25; it simply depends on how good the malware is. Which, as I
>>> originally queried, brings into question the efficacy of ISPs mandating
>>> its use.
>>>
>>> I'll not ask for ISP facts and figures to show how good port 587 is for
>>> them.
>>
>> Yes, it does - again, Port 587 requires a login - which adds a huge
>> layer of complexity to the malware.
>
> I'm glad we can end this by both of us agreeing that "it simply depends
> on how good the malware is."
>
>
Yes, but the difference here is - sending to port 25 is pretty easy.
Sending via port 587 is MUCH harder. Hackers take the easy route; as
long as Port 25 is available, they will send through it. If Port 25
ever should become unavailable to a large percentage of users, they may
have to take the "hard" route.
Jerry
Reply to: