[SpamCop-List] Re: Should I aggree with my ISP?

[John E. Malmberg]

Bodger wrote:
> Received this from my ISP this morning.

<snip>

> As part of a worldwide initiative aimed at reducing junk email
> (spam) and email viruses, all email providers are switching to
> what is known as 'authenticated SMTP'. SMTP stands for Simple
> Mail Transfer Protocol, which enables the sending of email.
> Authentication is a method of identifying the origin of emails
> that stops emails being sent anonymously.

Translation:

A few critical networks that your ISP's customers need to send mail to 
will start blocking your ISP's main mail servers at the first sign of 
viruses or multi-hop spam that comes through them.

It then takes several hours or days to get these blocks removed while 
your ISP has to handle complaints from their users.

> Most nuisance emails (spam) are sent from people on
> unauthenticated email. By removing the ability to send email
> without authentication, spam should be substantially reduced.

Only a small amount of spam will be reduced by this.  Most viruses will 
be stopped by this.

> Making this change is simple - what to do
> 
> All you need to do is switch on 'SMTP authentication', usually
> by ticking a box called 'My server requires authentication' in
> your email program settings.
> <snip>

Strong recommendation, especially if you are running a platform 
vulnerable to malware.

Set up a default e-mail account that does not point to a reachable 
e-mail server.

It adds an extra step that you must change the sender when sending 
e-mail, but that is only one extra mouse action for Mozilla or Outlook 
Express.

Malware, and other programs, including web pages that attempt to use 
your e-mail program to send mail will lose their ability to do so with 
out your knowledge.

> Question
> What will be the net effect of these changes?

E-mail from your ISP is less likely to be refused by some networks.

Your ISP is less likely to end up on blocking lists, especially if they 
have also blocked port 25 outgoing for unregistered mail servers.

Your ISP will have lower operating costs.  Spammers and virus writers 
will have a harder time stealing resources from them to spam other networks.

If you use an external mail server then you should make sure that it is 
using SMTP-AUTH on the alternate port (IIRC) 587.

I have noticed reports on usenet that an increasing number of ISPs are 
blocking port 25 for residential broadband connections, some with out 
notice.  So even if port 25 works now, I would strongly recommend making 
sure that you can use port 587 instead for mail servers other than your ISP.

Based on other media reports, the implication is such blocks seem to be 
put in place because one of the other larger networks either stopped 
accepting any e-mail from their IP space or threatened to do so.

And in the case that was most visible in the media, the blocked ISP 
complaints about how unfair it was did not do any good to get the e-mail 
accepted again.  Only that ISP making sure that no spam came out of 
their I.P. space got the e-mail accepted again.

-John
wb8tyw at qsl.network
Personal Opinion Only