25 Oct
2010
25 Oct
'10
10:37 a.m.
Hoi,
On Mon, Oct 25, 2010 at 10:12 AM, Manfredo Miserocchi <mis(a)wari.net> wrote:
does none of you use to block port 25 outbound on
mailservers ?
The ISP I used to work for was admittedly a business customer
oriented
one, but we had the corporate philosophy to offer unrestricted and
open internet to all of our access customers. This means we
fundamentally would not block any outbound ports.
The actual problem is that a mobile customer cannot
send out his e-mail from his ISP mailserver, but only from the
mobile company one. If this will result true, it will be a strong limitation on the
market.
My counsel: chose another ISP and take your business to a place which
does not chose the cheap way out (filter for all, ignore the
collateral damage).
I believe the best possible choice is to offer by-default restricted
(filtered inbound, outbound whatever seems reasonable for the ISP) but
allow users to move to a different configuration which is unfiltered
entirely. The ISP can detect bad behavior/infected machines (for
example search for VIRBL) and force migration to a third (quarantine)
pool, or if they don't want to do that, put the user in the restricted
pool again.
groet,
Pim
--
Pim van Pelt <pim(a)ipng.nl>
PBVP1-RIPE - http://www.ipng.nl/