On 21/09/2018 15.34, Per Jessen wrote:
Carlos E. R. wrote:
On 21/09/2018 02.10, Per Jessen wrote:
Carlos E. R. wrote:
On 20/09/2018 15.09, Per Jessen wrote:
Carlos E. R. wrote:
On 20/09/2018 12.57, Knurpht-openSUSE wrote: > Op donderdag 20 september 2018 18:50:21 CEST schreef Carlos E. > R.: >> On 20/09/2018 11.39, Per Jessen wrote: >>> Carlos E. R. wrote: >>>> On 20/09/2018 10.28, Per Jessen wrote: >>> [snip] >> I find blocking 25 intrusive on my freedom. > > Well, don't blame the ISPs, blame the spammers that made them > block 25. Years ago when my ISP started blocking they sent out a > nice letter, explaining why. I could live with that. FWIW, their > Enterprise programs do have 25 open.
Well, Telefonica did not, and there are spammers everywere.
T-Mobile (USA) doesn't.
Mobile operators, tmk, don't really have any significant problem with mobile phones being hijacked and abused. (trojans).
Then it is not a real policy issue.
Policy? No, I don't think it is a policy issue, it's simply about an easy and practical way to prevent lots of spam being sent.
You only need to block relay use. Ie, nobody can relay without a password, no matter the port.
Public mail servers, such as those receiving mails for "jessen.ch", "gmx.es", "opensuse.org" etcetera, have a port 25 open, for everyone. They cannot tell who is going to want to transfer some mail to them, they _must_ accept everyone, also a script-kiddie or a hijacked PC behind a Telefonica ADSL line. There is _no_ authentication involved, there is _no_ open relaying involved.
In your case, by Bell blocking _outgoing_ port 25, they are putting a very effective stop to the script-kiddies and the hijacked PCs. As does Bluewin and numerous other Swiss and European providers.
No, not quite. :-) opensuse.org, for instance, will only accept email which destination is mail list, employers, or whoever holds an @opensuse.org address. Or maybe others for which this is the handling server. Without authentication. But it will refuse to accept an email which destination is carlos@tlefonica.net, because that would be acting as a relay for improper usage. gmx.es will accept without authentication emails for *@gmx.es, but if someone attempts to send to carlos@telefonica.net will ask for authentication; if this fails, the post will be denied. It is quite simple, actually. The port used has no relevance, the behaviour is basically the same. -- Cheers / Saludos, Carlos E. R. (from openSUSE 15.0 (Legolas))