On 17 Nov, Tim Lavoie wrote:
Second defense: Outbound SMTP has to go through their server, not direct from random, unpatched Windows boxes which are always on-line.
And not direct from random fully secured linux firewall boxes I manage which are not infected, never have been, and probably never will.
They could make a case for blocking OUTBOUND SMTP, but why on earth do they need to block INBOUND SMTP!!! That has nothing to do with spam. That is a simple cash grab and screw-the-little-guy ploy to make someone running a tiny super low-volume micro-business server pay the exhorbitant static-IP address fees that, strangely, don't have SMTP blocked at all. Does that mean that people who have the dough to buy static IP's are any better at admin'ing their systems and not becoming bot zombies?
The more important point is: today they block outbound SMTP. Then they block inbound SMTP. Tomorrow they block, what? HTTP? SSH? P2P? FTP? VNC? I don't know about you, but I don't want my ISP controlling what traffic I can send. Sure, penalize or drop me if I go over the prescribed GB/month limits, but don't censor me.
Sure, you may love them blocking SMTP to limit the spam you get, but what happens when they block a port that is important to you? And I called them on it and made a formal complaint and they didn't give a rats ass. The best they could do is suggest I spoof incoming SMTP by using port 26 and a mail forwarder (which I had already done, but what a pain).
The end result of this multi-level defense is that an entire ISP has reduced the chance that its IP range is going to be clobbered by blocklists.
It's like government. Most functions should be pushed out to as low on the chain as possible. Aggregating functions up to the higher/highest level is usually counterproductive and inefficient in the end. In that sense it is my firm belief it is the individual mail server admins, or better yet the end users, who should have control over their anti-spam.
reasonably assured that my out-bound email won't be blocked, or if
And you can be reasonably assured that their overloaded mail servers will sometimes take hours to get your time-sensitive email out the queue. Shawmail often takes 12 hours+ to get mail through the smarthost. I'd much rather run my own mailserver, thank you.