[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Proposal: how to notify owners of compromised PC's

petard wrote:

Sorry for a borderline off-topic reply, but I'm cc-ing the list so this
is in the archives, in case any stupid ISP reads this and thinks it's a
good idea. It isn't.

<sending this to the list as well, since not enough people are doing the proper research>

I left my ISP about 9 months ago because they implemented this very
policy. It entirely destroyed my ability to send email from my preferred
address. Our SMTP setup at example.com relays mail from people
claiming to be @example.com if and only if they have been authenticated
using a client X.509 certificate issued by the example.com root
certificate authority.

Then put SMTP on a different TCP port. RFC 2476, which specifies TCP port 587 to be a message submission port for MUAs, was specifically created to address this issue.

--

Phil Brutsche
phil@tux.obix.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html